| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Google Ergebnisse, Weiterleitung auf falsche SeitenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.06.2012, 13:01
| #1 |
 |  Google Ergebnisse, Weiterleitung auf falsche Seiten Hallo Leute, ich habe da echt ein problem mit meinem Rechner. Laut Malwarebytes und Kaspersky ist mein Rechner nicht befallen aber bei Google Ergebnissen werde ich regelmäßig auf andere Seiten umgeleitet. Könnt Ihr mir helfen Bitte? Hier mein OTL Log:OTL Logfile:OTL Logfile: Code:
ATTFilter OTL logfile created on: 10.06.12 13:33:48 - Run 1 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Dokumente und Einstellungen\******\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yy 3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,70% Memory free 4,84 Gb Paging File | 3,95 Gb Available in Paging File | 81,51% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 48,83 Gb Total Space | 11,80 Gb Free Space | 24,17% Space Free | Partition Type: NTFS Drive D: | 100,22 Gb Total Space | 28,19 Gb Free Space | 28,13% Space Free | Partition Type: NTFS Computer Name: MG-107315 | User Name: ****** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.10 13:16:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******\Desktop\OTL.exe PRC - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2011.08.04 14:44:24 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEUPDT.EXE PRC - [2011.08.04 14:41:44 | 001,637,496 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE PRC - [2011.07.25 11:10:34 | 000,468,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe PRC - [2011.07.19 05:53:07 | 002,567,272 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE PRC - [2011.03.08 13:21:18 | 000,138,168 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ZOOM\TpScrex.exe PRC - [2011.03.08 13:20:58 | 000,267,624 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe PRC - [2010.12.03 10:57:38 | 000,099,328 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe PRC - [2010.12.02 12:55:54 | 000,064,440 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe PRC - [2010.11.29 16:32:44 | 000,069,560 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe PRC - [2010.04.01 14:50:44 | 000,043,960 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe PRC - [2009.12.15 12:20:48 | 000,081,920 | R--- | M] (Microsoft) -- C:\Programme\Pc Camera\3288.exe PRC - [2009.07.23 03:11:00 | 000,124,248 | ---- | M] (Lenovo Group Limited) -- C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE PRC - [2009.05.15 17:29:38 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\System Update\SUService.exe PRC - [2008.08.25 13:01:05 | 000,211,568 | ---- | M] (Kaspersky Lab) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe PRC - [2008.08.05 11:35:22 | 000,520,192 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe PRC - [2008.06.26 10:25:07 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.03.04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe PRC - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe PRC - [2008.02.19 13:05:08 | 000,842,304 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Client Security Solution\password_manager.exe PRC - [2008.01.09 12:32:08 | 000,789,008 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe PRC - [2008.01.09 12:28:58 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe PRC - [2007.11.29 17:56:34 | 000,722,232 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe PRC - [2007.11.26 15:58:10 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe PRC - [2007.11.26 15:58:08 | 000,264,800 | ---- | M] (Broadcom Corporation.) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe PRC - [2007.08.11 01:30:40 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe PRC - [2007.03.09 18:12:14 | 000,091,265 | ---- | M] (Kaspersky Lab) -- C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe PRC - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe PRC - [2006.06.29 21:57:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe PRC - [2004.06.08 09:41:14 | 000,282,624 | ---- | M] (iPass Inc) -- C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe PRC - [2004.05.17 13:27:28 | 000,032,859 | ---- | M] (Novell, Inc.) -- C:\WINDOWS\system32\dpmw32.exe PRC - [2003.10.24 06:37:56 | 000,217,194 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2002.03.12 09:37:28 | 000,028,672 | ---- | M] (Novell, Inc.) -- C:\WINDOWS\system32\nwtray.exe ========== Modules (No Company Name) ========== MOD - [2012.05.21 09:14:15 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8dc4a28c456f81ee7399da21bd9d55aa\System.ServiceProcess.ni.dll MOD - [2012.05.20 23:03:38 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012.05.20 23:01:54 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012.05.20 23:01:43 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll MOD - [2009.01.14 17:37:00 | 001,486,848 | ---- | M] () -- C:\WINDOWS\system32\nview.dll MOD - [2009.01.14 17:37:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2008.08.05 11:35:22 | 000,520,192 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe MOD - [2008.08.05 11:33:28 | 000,073,728 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\K2NPROXY.dll MOD - [2008.06.26 10:25:07 | 000,048,640 | ---- | M] () -- C:\WINDOWS\mmfs.dll MOD - [2008.06.26 10:25:07 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008.01.11 01:30:00 | 000,073,728 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWRMGRIF.DLL MOD - [2008.01.11 01:30:00 | 000,049,152 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL MOD - [2007.11.26 15:56:04 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll MOD - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe MOD - [2006.06.29 21:57:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe MOD - [2006.05.24 14:12:44 | 000,245,843 | ---- | M] () -- C:\WINDOWS\system32\nwshlxnt.dll MOD - [2005.01.13 08:50:00 | 000,121,660 | ---- | M] () -- C:\WINDOWS\system32\nls\DEUTSCH\nwshlxnr.dll MOD - [2004.06.15 15:33:10 | 000,651,264 | ---- | M] () -- C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\libeay32.dll MOD - [2003.05.15 03:15:50 | 000,753,664 | ---- | M] () -- C:\Programme\Adobe\Acrobat 6.0\Distillr\AdistRes.DEU MOD - [2001.07.31 02:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\zxjaux.dll -- (jsenujoft) SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\zxjaux.dll -- (bxlst) SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\zxjaux.dll -- (bpsyorcy) SRV - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.12.03 10:57:38 | 000,099,328 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD) SRV - [2010.12.02 12:55:54 | 000,064,440 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC) SRV - [2010.11.24 16:34:24 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE) SRV - [2009.05.15 17:29:38 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\System Update\SUService.exe -- (SUService) SRV - [2008.08.25 13:01:05 | 000,211,568 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe -- (AVP) SRV - [2008.06.26 10:25:07 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Runservice.exe -- (LicCtrlService) SRV - [2008.05.05 10:58:22 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service) SRV - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler) SRV - [2008.01.09 12:30:08 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2007.11.29 17:56:34 | 000,722,232 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service) SRV - [2007.11.26 15:58:08 | 000,264,800 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins) SRV - [2007.03.09 18:12:14 | 000,091,265 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe -- (klnagent) SRV - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing) SRV - [2006.08.11 14:51:04 | 000,028,672 | ---- | M] (Novell, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\cusrvc.exe -- (cusrvc) SRV - [2006.06.29 21:57:50 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2011.10.18 02:43:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV - [2011.10.18 02:43:42 | 000,078,136 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV - [2010.09.07 14:09:06 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\smiif32.sys -- (lenovo.smi) DRV - [2010.03.02 07:45:36 | 000,030,976 | R--- | M] (usb camera) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbcamcl.sys -- (usbcamcl) DRV - [2009.04.08 08:24:28 | 000,187,168 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klif.sys -- (TSP) DRV - [2009.04.08 08:24:28 | 000,187,168 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2009.01.19 20:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\acedrv11.sys -- (acedrv11) DRV - [2008.05.30 15:13:26 | 000,027,704 | ---- | M] (Canopus Co,. Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrblock.sys -- (cdrblock) DRV - [2008.05.29 08:54:29 | 000,112,144 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2008.05.05 13:59:21 | 000,008,256 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x) DRV - [2008.04.30 16:43:04 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd) DRV - [2008.01.11 01:30:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF) DRV - [2007.11.29 02:17:56 | 000,036,368 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2007.11.29 02:17:48 | 000,035,088 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2007.11.27 15:40:00 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio) DRV - [2007.11.27 15:40:00 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2007.11.26 23:37:00 | 002,236,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R) DRV - [2007.11.21 10:51:00 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2007.11.01 16:26:36 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2007.11.01 16:25:32 | 000,211,456 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2007.11.01 16:25:22 | 000,731,520 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2007.08.14 15:46:36 | 000,010,896 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys -- (smihlp) SMI Helper Driver (smihlp) DRV - [2007.06.29 11:38:00 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS) DRV - [2007.05.22 14:59:38 | 000,030,336 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C) DRV - [2007.04.13 08:50:42 | 000,090,888 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrsce.sys -- (zebrsce) DRV - [2007.04.13 08:50:38 | 000,108,424 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdmc.sys -- (zebrmdmc) Sony Ericsson mRouter Port (WDM) DRV - [2007.04.13 08:50:38 | 000,108,296 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdm.sys -- (zebrmdm) Sony Ericsson Port (WDM) DRV - [2007.04.13 08:50:36 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdfl.sys -- (zebrmdfl) DRV - [2007.04.13 08:50:30 | 000,083,080 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrbus.sys -- (zebrbus) DRV - [2007.04.13 08:50:30 | 000,062,984 | R--- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\zebrceb.sys -- (zebrceb) Sony Ericsson Cable Emulation Bus (WDM) DRV - [2007.04.04 14:58:26 | 000,024,344 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2007.03.31 12:02:00 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid) DRV - [2007.03.21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.02.24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.01.23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006.11.22 11:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2006.11.09 09:38:22 | 000,506,159 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\nwfs.sys -- (NetwareWorkstation) DRV - [2006.09.25 11:44:52 | 000,043,280 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwdns.sys -- (NWDNS) DRV - [2006.09.25 08:54:54 | 000,160,209 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\srvloc.sys -- (SRVLOC) DRV - [2006.03.03 16:50:48 | 000,038,416 | ---- | M] (Novell, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nicm.sys -- (NICM) DRV - [2005.11.22 09:51:22 | 000,018,353 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\nwdhcp.sys -- (NWDHCP) DRV - [2005.10.27 15:15:14 | 000,039,731 | ---- | M] (Novell, Inc.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\NetWare\nwsipx32.sys -- (NWSIPX32) DRV - [2005.10.12 12:12:18 | 000,009,297 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwhost.sys -- (NWHOST) DRV - [2005.10.12 12:11:32 | 000,006,128 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwsns.sys -- (NWSNS) DRV - [2005.05.26 17:14:00 | 000,015,891 | ---- | M] (Novell, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\NetWare\nwfilter.sys -- (NWFILTER) DRV - [2005.01.28 15:36:00 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus) DRV - [2005.01.03 13:51:38 | 000,020,332 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwslp.sys -- (NWSLP) DRV - [2004.06.01 17:19:34 | 000,027,249 | ---- | M] (Novell, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\NetWare\resmgr.sys -- (RESMGR) DRV - [2004.03.10 16:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k) DRV - [2003.02.26 13:51:18 | 000,023,232 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\NetWare\nwsap.sys -- (NWSAP) DRV - [2002.03.19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ds-technologie.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 51 BA 3B 0B 7C CA 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{6221EBD2-4870-4CC4-9778-E6576CED9E43}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIH_deDE274 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = mg-proxy:8080 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442 FF - prefs.js..network.proxy.backup.ftp: "mg-proxy" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "mg-proxy" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "mg-proxy" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "mg-proxy" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "mg-proxy" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "mg-proxy" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "mg-proxy" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: "" FF - prefs.js..network.proxy.socks: "mg-proxy" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "mg-proxy" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: "" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.19 11:10:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.03.19 11:10:08 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Programme\Lenovo\Client Security Solution\PWM Firefox Extension [2008.05.07 16:08:41 | 000,000,000 | ---D | M] [2009.04.16 13:11:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Extensions [2008.05.28 21:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2012.05.08 09:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions [2011.06.29 10:18:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.03.19 11:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.12.07 09:31:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.03.13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2011.10.24 00:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Programme\mozilla firefox\plugins\npdjvu.dll [2003.09.04 14:37:44 | 000,892,928 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\NPSWF32.dll [2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdjvu.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - File not found O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - File not found O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - File not found O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - File not found O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - File not found O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - File not found O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found O4 - HKLM..\Run: [3288] C:\Programme\Pc Camera\3288.exe (Microsoft) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL () O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) O4 - HKLM..\Run: [iPCCheck] C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) O4 - HKLM..\Run: [LPMailChecker] C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NexusServer] C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.) O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe () O4 - HKLM..\Run: [PSQLLauncher] C:\Programme\ThinkVantage Fingerprint Software\launcher.exe (UPEK Inc.) O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (Lenovo) O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) O4 - HKCU..\Run: [iecfgRpl] rundll32.exe "C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\iecfgRpl\SecurityMapServ.dll", appMapTrust msWebnt5 File not found O4 - HKCU..\Run: [SkypePM] C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Skype\SkypePM.exe File not found O4 - HKCU..\Run: [TomTomHOME.exe] "C:\Programme\TomTom HOME 2\HOMERunner.exe" File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm () O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office2003\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Save page in SuperOffice - C:\Programme\SuperOffice\SoIeExtensions.dll (SuperOffice AS) O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Programme\Free Download Manager\dlfvideo.htm () O9 - Extra Button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: SuperOror - {CC88D81F-6166-4F46-AC89-B75CD9CEB292} - Reg Error: Key error. File not found O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} https://photoservice.fujicolor.de/ips-opdata/objects/jordan-canvasx.cab (JordanUploader Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209556674671 (WUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = starrag.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{007E9E8C-277D-49B5-8454-B8FE8ED9DCD8}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\adialhk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\WINDOWS\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20 - Winlogon\Notify\psfus: DllName - (C:\WINDOWS\system32\psqlpwd.dll) - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.04.30 15:52:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0074100d-2ce7-11dd-ab94-001e4cdace2a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell - "" = AutoRun O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{8a22bd91-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\StartPortableApps.exe O33 - MountPoints2\{8a22bdf9-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\pstart.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.06.10 13:38:57 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\******\Desktop\TDSSKiller.exe [2012.06.10 13:19:37 | 000,000,000 | ---D | C] -- C:\_OTL [2012.06.10 13:16:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******\Desktop\OTL.exe [2012.06.09 15:46:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.06.08 10:53:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******\Startmenü\Programme\Google Chrome [2012.06.08 10:48:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Deployment [2012.06.04 14:28:33 | 000,000,000 | ---D | C] -- C:\IMTS 2012 [2012.06.02 15:28:06 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenuEX [2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX2 [2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonEPP [2012.06.02 15:27:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Canon [2012.06.02 15:27:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter [2012.06.02 15:17:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM [2012.06.02 15:15:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canon IJ Network Tool [2012.06.02 15:14:16 | 000,337,920 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZC.dll [2012.06.02 15:14:16 | 000,122,880 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZU.dll [2012.06.02 15:14:16 | 000,107,520 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZI.dll [2012.06.02 15:14:15 | 000,424,448 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZL.dll [2012.06.02 15:14:15 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll [2012.06.02 15:14:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\medias [2012.06.02 15:14:04 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJFAX [2012.06.02 15:12:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Benutzerregistrierung [2012.06.02 15:09:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\CANON [2012.06.02 15:09:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJWSpt [2012.06.02 15:05:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon Utilities [2012.06.02 15:04:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Manual [2012.06.02 15:03:08 | 000,257,536 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCALAZ.DLL [2012.06.02 15:03:05 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.06.02 15:02:51 | 000,311,296 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMAZ.DLL [2012.06.02 15:02:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information [2012.06.02 15:02:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series [2012.06.02 15:02:27 | 000,184,832 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIUAZ.DLL [2012.06.02 15:02:01 | 000,000,000 | -H-D | C] -- C:\Programme\CanonBJ [2012.06.02 15:01:30 | 000,363,520 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPPM.DLL [2012.06.02 15:01:30 | 000,035,840 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPUI.DLL [2012.06.02 15:01:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING [2012.05.15 16:57:53 | 000,000,000 | ---D | C] -- C:\DST ========== Files - Modified Within 30 Days ========== [2012.06.10 13:40:17 | 270,357,280 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2012.06.10 13:38:57 | 010,354,720 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2012.06.10 13:32:43 | 000,168,834 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001 [2012.06.10 13:32:32 | 000,185,449 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012.06.10 13:32:23 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2012.06.10 13:32:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.06.10 13:32:06 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.06.10 13:28:02 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.06.10 13:27:11 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2012.06.10 13:26:09 | 000,001,977 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys [2012.06.10 13:25:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.06.10 13:25:42 | 3219,415,040 | -HS- | M] () -- C:\hiberfil.sys [2012.06.10 13:24:43 | 003,636,356 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2012.06.10 13:24:43 | 000,984,260 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2012.06.10 13:18:24 | 002,108,959 | ---- | M] () -- C:\Dokumente und Einstellungen\******\Desktop\tdsskiller.zip [2012.06.10 13:16:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******\Desktop\OTL.exe [2012.06.10 11:10:54 | 000,444,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.06.09 22:54:01 | 000,001,230 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job [2012.06.09 17:42:42 | 000,000,183 | ---- | M] () -- C:\WINDOWS\hpbafd.ini [2012.06.08 10:54:01 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job [2012.06.06 16:06:08 | 000,001,004 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2012.06.06 14:13:49 | 000,168,834 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat [2012.06.04 11:12:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012.06.02 15:09:09 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk [2012.06.02 15:04:40 | 000,001,935 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk [2012.05.31 15:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2012.05.23 10:36:41 | 000,004,608 | ---- | M] () -- C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.05.21 16:40:50 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\******\Desktop\TDSSKiller.exe [2012.05.21 08:17:56 | 000,453,030 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.05.21 08:17:56 | 000,436,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.05.21 08:17:56 | 000,081,810 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.05.21 08:17:56 | 000,068,976 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.05.20 23:05:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK ========== Files Created - No Company Name ========== [2012.06.10 13:18:17 | 002,108,959 | ---- | C] () -- C:\Dokumente und Einstellungen\******\Desktop\tdsskiller.zip [2012.06.10 13:08:47 | 3219,415,040 | -HS- | C] () -- C:\hiberfil.sys [2012.06.08 10:49:47 | 000,001,230 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job [2012.06.08 10:49:46 | 000,001,178 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job [2012.06.02 15:14:15 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CNC175ED.TBL [2012.06.02 15:09:09 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk [2012.06.02 15:04:40 | 000,001,935 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk [2012.05.23 10:34:01 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.17 09:19:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.09.20 21:13:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\{CE2EE4B6-4EE3-456B-A851-2F4B01E978E5} [2011.03.01 10:16:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\SoIds.ini [2011.03.01 10:13:07 | 000,000,041 | ---- | C] () -- C:\WINDOWS\souser.ini [2011.02.20 13:40:56 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.02.17 20:55:33 | 000,038,469 | ---- | C] () -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR [2011.01.26 09:42:20 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CmdFile.INI [2011.01.17 15:12:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI [2010.08.24 12:00:16 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\CoUninstall.dll [2010.08.24 11:35:45 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010.08.24 11:24:39 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\camera.ini [2010.07.07 13:37:54 | 000,155,700 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.DLL < End of report > --- --- --- Hier die Extra TXTOTL Logfile: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 10.06.12 13:33:48 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Dokumente und Einstellungen\******\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yy
3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,70% Memory free
4,84 Gb Paging File | 3,95 Gb Available in Paging File | 81,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 11,80 Gb Free Space | 24,17% Space Free | Partition Type: NTFS
Drive D: | 100,22 Gb Total Space | 28,19 Gb Free Space | 28,13% Space Free | Partition Type: NTFS
Computer Name: MG-107315 | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [print] -- "C:\Programme\Microsoft Office2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"UacDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications]
"Enabled" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\empirum\swdepot.exe:localsubnet:enabled:SoftwareDepot for Windows" = %windir%\system32\empirum\swdepot.exe:localsubnet:enabled:SoftwareDepot for Windows
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"15000:UDP" = 15000:UDP:LocalSubNet:Enabled:Kaspersky Administration Kit
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"15000:UDP" = 15000:UDP:LocalSubNet:Enabled:Kaspersky Administration Kit
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpmw32.exe" = C:\WINDOWS\system32\dpmw32.exe:*:Disabled:NDPS RPM & Notification Listener -- (Novell, Inc.)
"C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe" = C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Disabled:mRouterRuntime Module -- (Intuwave Ltd.)
"C:\Dokumente und Einstellungen\******\temp\TeamViewer\Version5\TeamViewer.exe" = C:\Dokumente und Einstellungen\******\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer -- (TeamViewer GmbH)
"C:\Program Files\WS_FTP Pro\ftp95pro.exe" = C:\Program Files\WS_FTP Pro\ftp95pro.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player -- ()
"D:\Dreambox\DM 800\Programme\Dreambox Control Center\DCC_E2.exe" = D:\Dreambox\DM 800\Programme\Dreambox Control Center\DCC_E2.exe:*:Enabled:Dreambox Control Center -- (BernyR)
"C:\Novell\GroupWise\grpwise.exe" = C:\Novell\GroupWise\grpwise.exe:*:Enabled:Novell GroupWise -- (Novell, Inc.)
"C:\Novell\GroupWise\notify.exe" = C:\Novell\GroupWise\notify.exe:*:Enabled:Novell Notify -- (Novell, Inc.)
"C:\Programme\Microsoft Office2003\OFFICE11\OUTLOOK.EXE" = C:\Programme\Microsoft Office2003\OFFICE11\OUTLOOK.EXE:*:Enabled:Outlook -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"D:\Dreambox\DM 800\Programme\DCC Enigma2\DCC_E2.exe" = D:\Dreambox\DM 800\Programme\DCC Enigma2\DCC_E2.exe:*:Disabled:Dreambox Control Center -- (BernyR)
"D:\Dreambox\Programme\DreamTSman\DreamTSman\DreamTSman.exe" = D:\Dreambox\Programme\DreamTSman\DreamTSman\DreamTSman.exe:*:Disabled:DreamTSman -- (7soft)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B1C701-5B73-4a25-BB9B-9F5178349E7B}" = EDIUS Neo 2 Settings
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{10CD702D-CEB4-4602-B0B0-B921181A7916}" = Setup
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX890_series" = Canon MX890 series MP Drivers
"{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1" = Free Video Joiner 1.1
"{16E217EA-C3E0-402D-8D4F-6189DB74497A}" = Studio 9.4 Patch
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E76BE75-F256-4BA4-A9A3-F433AD3D2D00}" = Sony Ericsson PC Suite for Smartphones
"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Dienstprogramm 'ThinkPad-Tastaturanpassung'
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{2281AB85-0000-4C6C-B4B8-D9ABB29B720B}" = Handy Safe Desktop Professional 2.03
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery Zweckform DesignPro
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{44E9D4C2-946C-4378-9354-558803C47A68}" = Client Security - Password Manager
"{4509D9E5-57F8-45B0-9091-4676D709FD7A}" = Microsoft SQL Server Native Client
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AC1E1A2-D7E3-42D6-AD54-69158C49AA6F}" = Visual Basic for Applications (R) Core
"{4D8E1ADE-CEA6-4A35-8D73-963F16C40FD3}" = Document Express DjVu Plug-in
"{53673F31-91EE-4EDE-A3BA-0E861811940B}" = Mobile2Day
"{5567A669-15A7-4C32-95E4-F8C8DC953428}" = SOGroupWiseLink 1.2.21
"{58D4FB3A-98E9-4B9B-B01E-7F005AEFE019}" = WEBCAM
"{58F8C6D9-5B55-486A-A322-4E8D87670031}" = Canon MP-Treiber
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{663118ED-6E80-45D6-9484-6830798B8B86}" = ProCoder 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D9B3F4-52F1-4C66-835F-A703BFE16AE1}" = GroupWise
"{772E9146-D676-4869-A298-047FF2A2B92D}" = Canopus Codec Option
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79B986AD-54D8-4498-AA06-89808829ACC0}" = Kaspersky Anti-Virus 6.0 for Windows Workstations
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C72AAB5-8A7D-4882-950C-A1F26A949DA3}" = Kaspersky Network Agent
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4AE751-7055-4518-87B0-E148A8D50D0A}" = Macromedia FreeHand MX
"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4D095B-B81E-4938-9BC9-E9EF9F3AE85A}" = Visual Basic for Applications (R) Core - German
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{9F1675A9-9FD7-49F8-A5DB-BF4D1DED13C9}" = SOGroupWiseLink Templates 1.2.22
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" =
"{A2289997-10A3-48F2-AA03-99180D761661}" = ThinkVantage Fingerprint Software 5.6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB6FFA58-F491-11D3-8951-000000026279}" = T-Online Internationaler Zugang
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-0000-7EC8-7489-000000000603}" = Adobe Acrobat and Reader 6.0.3 Update
"{AC76BA86-0000-7EC8-7489-000000000604}" = Adobe Acrobat and Reader 6.0.4 Update
"{AC76BA86-0000-7EC8-7489-000000000605}" = Adobe Acrobat and Reader 6.0.5 Update
"{AC76BA86-0000-7EC8-7489-000000000606}" = Adobe Acrobat and Reader 6.0.6 Update
"{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0.1 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.5 - Deutsch
"{AC76BA86-7AD7-1031-7B44-A81300000003}_814" = KB408682
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.1 - Deutsch
"{AC76BA86-7AD7-2447-0000-800000000003}" = Chinese Simplified Fonts Support For Adobe Reader 8
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B20B3E91-5E94-11D4-B650-00500488DA92}" = TWAIN FieryScan
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BD60F72D-3F2F-4AE1-9C41-3CF75B2CA59A}" = DVR-Studio Pro 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D1ADE2BF-32D3-4EC3-9BF4-F5E1A740F92E}" = Color Network ScanGear Ver.2.42
"{D728E945-256D-4477-B377-6BBA693714AC}" = Ergänzung zu Productivity Center für ThinkPad
"{D7EC8A27-CDA2-46AE-8A26-4104A04FA5BE}" = 32 Bit HP CIO Components Installer
"{D972F309-7376-4B25-10AA-04C80D13E1F0}" = iGrafx 2009
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.8.320
"{E1252473-6306-4d5d-904D-B06AA7F38161}" = Sony Ericsson PC Suite for Smartphones
"{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}" = Corel Paint Shop Pro Photo XI
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E583ED6F-BD99-4066-A420-C815BF692B69}" = Macromedia Fireworks MX 2004
"{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}" = NICI (Shared) U.S./Worldwide (128 bit) (2.7.0-2)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FA8B6532-78E9-490B-B97D-32379E16810E}" = EDIUS Neo 2 (SetupManager)
"ABC Amber Audio Converter" = ABC Amber Audio Converter
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Any Video Converter_is1" = Any Video Converter 3.0.1
"AVMFBox" = AVM FRITZ!Box Dokumentation
"BattlEye" = BattlEye Uninstall
"Canon MX890 series Benutzerregistrierung" = Canon MX890 series Benutzerregistrierung
"Canon MX890 series On-screen Manual" = Canon MX890 series On-screen Manual
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"dm Digi Foto" = dm Digi Foto
"DreamBoxEdit" = DreamBoxEdit -- The one and only settings editor for your Dreambox
"DreamTSman_is1" = DreamTSman
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ElsterFormular für Unternehmer 12.1.1.6214u" = ElsterFormular-Update
"EnigmEdit" = EnigmEdit (remove only)
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.3
"Free Download Manager_is1" = Free Download Manager 2.5
"Google Updater" = Google Updater
"HandySafePro" = Handy Safe Pro
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"iGrafx 2009" = iGrafx 2009
"Image Composer" = Microsoft Image Composer 1.5
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{7C72AAB5-8A7D-4882-950C-A1F26A949DA3}" = Administrationsagent
"InstallWIX_{79B986AD-54D8-4498-AA06-89808829ACC0}" = Kaspersky Anti-Virus 6.0 for Windows Workstations
"JDownloader" = JDownloader
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MP Navigator EX 5.1" = Canon MP Navigator EX 5.1
"MP3-Check_is1" = MP3-Check (v1.0.39.0)
"Mp3tag" = Mp3tag v2.47b
"mRouterRuntime" =
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6
"Neue deutsche Rechtschreibung für Microsoft Office 9x" = Neue deutsche Rechtschreibung für Microsoft Office 9x
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Novell Client for Windows" = Novell Client für Windows 2000
"NVIDIA Drivers" = NVIDIA Drivers
"Office8.0" = Microsoft Office 97, Professional Edition
"OnScreenDisplay" = Anzeige am Bildschirm
"OpenAL" = OpenAL
"Panzerkrieg Bundle" = Panzerkrieg Bundle
"Power Management Driver" = ThinkPad Power Management Driver
"proDAD-Mercalli-1.0" = proDAD Mercalli 1.0
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RealPlayer 6.0" = RealPlayer
"Sony Ericsson" = Sony Ericsson Symbian 9 Drivers
"Speed Dial Utility" = Canon Kurzwahlprogramm
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"SystemRequirementsLab" = System Requirements Lab
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"Visio Standard" = Visio Standard
"VLC media player" = VLC media player 1.0.0
"Warfare Incorporated(TM) for Pocket PC" = Warfare Incorporated(TM) for Pocket PC
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMS" = Windows NT Messaging
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"WS_FTPPro" = Ipswitch WS_FTP Pro Uninstall
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XMedia Recode" = XMedia Recode 3.0.1.6
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.06.12 09:19:22 | Computer Name = MG-107315 | Source = Userenv | ID = 1054
Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt
werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung
hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.
Error - 09.06.12 09:19:24 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. Die Registrierung
wird nicht durchgeführt.
Error - 09.06.12 09:35:33 | Computer Name = MG-107315 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
Modul mshtml.dll, Version 8.0.6001.19222, Fehleradresse 0x00100420.
Error - 09.06.12 17:19:00 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. Die Registrierung
wird nicht durchgeführt.
Error - 10.06.12 05:11:25 | Computer Name = MG-107315 | Source = Userenv | ID = 1054
Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt
werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung
hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.
Error - 10.06.12 05:11:27 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. Die Registrierung
wird nicht durchgeführt.
Error - 10.06.12 07:09:15 | Computer Name = MG-107315 | Source = Userenv | ID = 1054
Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt
werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung
hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.
Error - 10.06.12 07:09:16 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. Die Registrierung
wird nicht durchgeführt.
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = Userenv | ID = 1054
Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt
werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung
hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. Die Registrierung
wird nicht durchgeführt.
[ Kaspersky Event Log Events ]
Error - 10.06.12 07:26:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt
Error - 10.06.12 07:26:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt
Error - 10.06.12 07:26:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Error 1192 (Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt) occured while replicating settings for application Kaspersky Anti-Virus
6.0 for Windows Workstations. Operation code: _LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.
Storage
file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt Error information: 1192/0 (Data is corrupted or has an unknown format),
O:\CS AdminKit\development2\std\par\parserialize.cpp, 558
Error - 10.06.12 07:26:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Tasks replication failed Product ='KAVWKS6' Version ='6.0.0.0' Storage
file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt Error information: 1192/0 (Data is corrupted or has an unknown format),
O:\CS AdminKit\development2\std\par\parserialize.cpp, 558
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Error 1192 (Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt) occured while replicating settings for application Kaspersky Anti-Virus
6.0 for Windows Workstations. Operation code: _LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.
Storage
file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt Error information: 1192/0 (Data is corrupted or has an unknown format),
O:\CS AdminKit\development2\std\par\parserialize.cpp, 558
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Tasks replication failed Product ='KAVWKS6' Version ='6.0.0.0' Storage
file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt Error information: 1192/0 (Data is corrupted or has an unknown format),
O:\CS AdminKit\development2\std\par\parserialize.cpp, 558
Error - 10.06.12 07:41:50 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
is corrupt
[ System Events ]
Error - 10.06.12 07:19:43 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 10.06.12 07:24:16 | Computer Name = MG-107315 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der
nächsten 29 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle
herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit.
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = NETLOGON | ID = 5719
Description = Es steht kein Domänencontroller für die Domäne LAN aus folgendem Grund
zur Verfügung: %%1311. Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden
ist, und versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator, wenn
das
Problem weiterhin besteht.
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der
nächsten 15 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle
herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit.
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der
nächsten 15 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle
herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit.
Error - 10.06.12 07:27:12 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Treiber für parallelen Anschluss" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 10.06.12 07:27:12 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Manager Image" wurde mit folgendem Fehler beendet: %%126
Error - 10.06.12 07:27:12 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Helper Image" wurde mit folgendem Fehler beendet: %%126
Error - 10.06.12 07:27:12 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Image Driver" wurde mit folgendem Fehler beendet: %%126
Error - 10.06.12 07:41:14 | Computer Name = MG-107315 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der
nächsten 29 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle
herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit.
< End of report >
--- --- --- Tausend dank für Eure Hilfe Geändert von robee (10.06.2012 um 13:12 Uhr) |
|
12.06.2012, 14:46
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Google Ergebnisse, Weiterleitung auf falsche Seiten Trotzdem bitte alle Logs von Malwarebytes posten
__________________In so einem Log stehen schon ein paar mehr Infos drin als nur Fund oder kein Fund! Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
12.06.2012, 21:32
| #3 |
| | Google Ergebnisse, Weiterleitung auf falsche Seiten Hier das Log
__________________Code:
ATTFilter 12.06.12 20:44:01
mbam-log-2012-06-12 (20-44-01).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 418716
Laufzeit: 1 Stunde(n), 23 Minute(n), 21 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Grüße |
|
12.06.2012, 22:32
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google Ergebnisse, Weiterleitung auf falsche Seiten - Log von Malwarebytes ist unvollständig - einfach so drauflos fixen ohne zu wissen was genau welcher Eintrag ist gefährlich, da kann man nur strikt von abraten  - wenn du schon ohne Absprache den TDSS-Killer laufen lässt, kann man auch ohne dass ich nochmal nachhaken muss das Log gleich posten
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
13.06.2012, 10:38
| #5 |
| | Google Ergebnisse, Weiterleitung auf falsche Seiten Hmm, jetzt bin ich etwas ratlos, das Log von Malwarbytes soll unvollständig sein ? Ich habe alles gepostet was im Log stand, da fehlt nichts, ich kann Dir gerne die TXT Datei senden. Und Bitte nicht falsch vestehen, aber ich versuche natürlich auch nach Lösungen zu suchen und verlasse mich nicht nur Blind auf Eure tolle Arbeit hier. In den zwei Tagen bis zu Deiner Antwort, habe ich versucht dem Problem auch Herr zu werden. Der Hinweis auf einen Redirect Trojaner hatte ich ja bekommen, auch den Hinweis auf TDSSKILLER, der nicht startete bei mir, und in einem Englischen Forum den Hinweis auf das Tool von Symantec , der zumindest für mich vorerst zu funktionieren schien. Mir ist klar, dass damit die Gefahr und der Infekt auf meinem Rechner nicht unbedingt beseitigt ist, darum wäre ich für jede weitere Hilfe dankbar. Das Log von TDSSKILLER reiche ich mit einem Sorry nach: Code:
ATTFilter 11:35:39.0426 1564 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
11:35:41.0426 1564 ============================================================
11:35:41.0426 1564 Current date / time: 2012/06/13 11:35:41.0426
11:35:41.0426 1564 SystemInfo:
11:35:41.0426 1564
11:35:41.0426 1564 OS Version: 5.1.2600 ServicePack: 3.0
11:35:41.0426 1564 Product type: Workstation
11:35:41.0426 1564 ComputerName: MG-107315
11:35:41.0426 1564 UserName: Schedler-M
11:35:41.0426 1564 Windows directory: C:\WINDOWS
11:35:41.0426 1564 System windows directory: C:\WINDOWS
11:35:41.0426 1564 Processor architecture: Intel x86
11:35:41.0426 1564 Number of processors: 2
11:35:41.0426 1564 Page size: 0x1000
11:35:41.0426 1564 Boot type: Normal boot
11:35:41.0426 1564 ============================================================
11:35:44.0301 1564 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
11:35:44.0301 1564 ============================================================
11:35:44.0301 1564 \Device\Harddisk0\DR0:
11:35:44.0301 1564 MBR partitions:
11:35:44.0301 1564 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A9E11
11:35:44.0316 1564 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A9E8F, BlocksNum 0xC86E881
11:35:44.0316 1564 ============================================================
11:35:44.0363 1564 C: <-> \Device\Harddisk0\DR0\Partition0
11:35:44.0394 1564 D: <-> \Device\Harddisk0\DR0\Partition1
11:35:44.0410 1564 ============================================================
11:35:44.0410 1564 Initialize success
11:35:44.0410 1564 ============================================================
11:35:50.0957 3692 ============================================================
11:35:50.0957 3692 Scan started
11:35:50.0957 3692 Mode: Manual;
11:35:50.0957 3692 ============================================================
11:35:52.0269 3692 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
11:35:52.0269 3692 61883 - ok
11:35:52.0269 3692 Abiosdsk - ok
11:35:52.0269 3692 abp480n5 - ok
11:35:52.0332 3692 acedrv11 (a6fe70357a68ad1e279cd1012419cce6) C:\WINDOWS\system32\drivers\acedrv11.sys
11:35:52.0332 3692 acedrv11 - ok
11:35:52.0379 3692 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:35:52.0379 3692 ACPI - ok
11:35:52.0394 3692 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:35:52.0394 3692 ACPIEC - ok
11:35:52.0426 3692 ADIHdAudAddService (f56565f7490f68015b44c6efbdb97e96) C:\WINDOWS\system32\drivers\ADIHdAud.sys
11:35:52.0426 3692 ADIHdAudAddService - ok
11:35:52.0441 3692 adpu160m - ok
11:35:52.0473 3692 AEAudio (fff87a9b1ab36ee4b7bec98a4cb01b79) C:\WINDOWS\system32\drivers\AEAudio.sys
11:35:52.0473 3692 AEAudio - ok
11:35:52.0504 3692 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:35:52.0504 3692 aec - ok
11:35:52.0551 3692 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:35:52.0551 3692 AFD - ok
11:35:52.0551 3692 Aha154x - ok
11:35:52.0551 3692 aic78u2 - ok
11:35:52.0566 3692 aic78xx - ok
11:35:52.0644 3692 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
11:35:52.0644 3692 Alerter - ok
11:35:52.0660 3692 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
11:35:52.0660 3692 ALG - ok
11:35:52.0676 3692 AliIde - ok
11:35:52.0676 3692 amsint - ok
11:35:52.0785 3692 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:35:52.0785 3692 Apple Mobile Device - ok
11:35:52.0926 3692 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
11:35:52.0926 3692 AppMgmt - ok
11:35:52.0941 3692 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:35:52.0941 3692 Arp1394 - ok
11:35:52.0988 3692 ASAPIW2k (4f9cbbf95e8f7a0d4c0edcfe3b78102e) C:\WINDOWS\system32\drivers\ASAPIW2k.sys
11:35:52.0988 3692 ASAPIW2k - ok
11:35:52.0988 3692 asc - ok
11:35:53.0004 3692 asc3350p - ok
11:35:53.0019 3692 asc3550 - ok
11:35:53.0144 3692 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:35:53.0207 3692 aspnet_state - ok
11:35:53.0223 3692 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:35:53.0223 3692 AsyncMac - ok
11:35:53.0254 3692 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:35:53.0254 3692 atapi - ok
11:35:53.0254 3692 Atdisk - ok
11:35:53.0285 3692 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:35:53.0285 3692 Atmarpc - ok
11:35:53.0316 3692 atmeltpm (dbf0d7e2df33b469eb55406fea759350) C:\WINDOWS\system32\DRIVERS\atmeltpm.sys
11:35:53.0316 3692 atmeltpm - ok
11:35:53.0332 3692 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
11:35:53.0348 3692 AudioSrv - ok
11:35:53.0379 3692 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:35:53.0379 3692 audstub - ok
11:35:53.0410 3692 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
11:35:53.0410 3692 Avc - ok
11:35:53.0473 3692 AVP (9a2f9ec122d7582ce73b339af5621167) C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe
11:35:53.0473 3692 AVP - ok
11:35:53.0535 3692 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:35:53.0551 3692 Beep - ok
11:35:53.0738 3692 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
11:35:53.0941 3692 BITS - ok
11:35:54.0160 3692 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
11:35:54.0176 3692 Bonjour Service - ok
11:35:54.0176 3692 bpsyorcy - ok
11:35:54.0207 3692 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
11:35:54.0207 3692 Browser - ok
11:35:54.0269 3692 btaudio (5bcf6090b825def29065bdbd59691dbe) C:\WINDOWS\system32\drivers\btaudio.sys
11:35:54.0285 3692 btaudio - ok
11:35:54.0363 3692 BTKRNL (ef5e0de0a7ca2977a9255f36f4d915ab) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
11:35:54.0379 3692 BTKRNL - ok
11:35:54.0473 3692 btwdins (26e038920dec7bcdcac1e4851a235dd0) C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
11:35:54.0488 3692 btwdins - ok
11:35:54.0519 3692 BTWDNDIS (80f61de965c116051614ac2f04222ff7) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
11:35:54.0519 3692 BTWDNDIS - ok
11:35:54.0551 3692 btwhid (e48668b4a6a5cf68b33aecad18ee8e1e) C:\WINDOWS\system32\DRIVERS\btwhid.sys
11:35:54.0551 3692 btwhid - ok
11:35:54.0676 3692 BTWUSB (053dc5be74621b63bb48c2b86bafc7b0) C:\WINDOWS\system32\Drivers\btwusb.sys
11:35:54.0676 3692 BTWUSB - ok
11:35:54.0676 3692 bxlst - ok
11:35:54.0707 3692 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:35:54.0723 3692 cbidf2k - ok
11:35:54.0769 3692 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:35:54.0785 3692 CCDECODE - ok
11:35:54.0785 3692 cd20xrnt - ok
11:35:54.0832 3692 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:35:54.0832 3692 Cdaudio - ok
11:35:54.0863 3692 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:35:54.0863 3692 Cdfs - ok
11:35:54.0894 3692 cdrblock (15e3e2920adac7450e0c7ae5f23a5f53) C:\WINDOWS\system32\DRIVERS\cdrblock.sys
11:35:54.0910 3692 cdrblock - ok
11:35:54.0988 3692 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:35:54.0988 3692 Cdrom - ok
11:35:54.0988 3692 Changer - ok
11:35:55.0035 3692 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
11:35:55.0051 3692 CiSvc - ok
11:35:55.0066 3692 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
11:35:55.0082 3692 ClipSrv - ok
11:35:55.0207 3692 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:35:55.0285 3692 clr_optimization_v2.0.50727_32 - ok
11:35:55.0301 3692 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:35:55.0301 3692 CmBatt - ok
11:35:55.0316 3692 CmdIde - ok
11:35:55.0348 3692 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:35:55.0348 3692 Compbatt - ok
11:35:55.0363 3692 COMSysApp - ok
11:35:55.0363 3692 Cpqarray - ok
11:35:55.0410 3692 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
11:35:55.0410 3692 CryptSvc - ok
11:35:55.0441 3692 cusrvc (b9cd0af2587bd36b480465a66b566124) C:\WINDOWS\system32\cusrvc.exe
11:35:55.0457 3692 cusrvc - ok
11:35:55.0457 3692 dac2w2k - ok
11:35:55.0473 3692 dac960nt - ok
11:35:55.0519 3692 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
11:35:55.0535 3692 DcomLaunch - ok
11:35:55.0566 3692 dg_ssudbus (d8522960163fa593694e441194a9a574) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:35:55.0598 3692 dg_ssudbus - ok
11:35:55.0629 3692 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
11:35:55.0629 3692 Dhcp - ok
11:35:55.0660 3692 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:35:55.0660 3692 Disk - ok
11:35:55.0660 3692 dmadmin - ok
11:35:55.0879 3692 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
11:35:55.0910 3692 dmboot - ok
11:35:55.0926 3692 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
11:35:55.0941 3692 dmio - ok
11:35:55.0957 3692 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:35:55.0957 3692 dmload - ok
11:35:55.0988 3692 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
11:35:55.0988 3692 dmserver - ok
11:35:56.0004 3692 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:35:56.0019 3692 DMusic - ok
11:35:56.0035 3692 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
11:35:56.0035 3692 Dnscache - ok
11:35:56.0082 3692 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
11:35:56.0082 3692 Dot3svc - ok
11:35:56.0098 3692 dpti2o - ok
11:35:56.0098 3692 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:35:56.0098 3692 drmkaud - ok
11:35:56.0144 3692 e1express (b1e9161ba28d5b826e49a1d0ded7fcc4) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
11:35:56.0144 3692 e1express - ok
11:35:56.0160 3692 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
11:35:56.0160 3692 EapHost - ok
11:35:56.0223 3692 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
11:35:56.0223 3692 ERSvc - ok
11:35:56.0238 3692 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
11:35:56.0238 3692 Eventlog - ok
11:35:56.0316 3692 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
11:35:56.0394 3692 EventSystem - ok
11:35:56.0410 3692 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:35:56.0410 3692 Fastfat - ok
11:35:56.0441 3692 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:35:56.0457 3692 FastUserSwitchingCompatibility - ok
11:35:56.0457 3692 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
11:35:56.0473 3692 Fdc - ok
11:35:56.0473 3692 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
11:35:56.0473 3692 Fips - ok
11:35:56.0488 3692 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:35:56.0488 3692 Flpydisk - ok
11:35:56.0504 3692 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:35:56.0504 3692 FltMgr - ok
11:35:56.0629 3692 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:35:56.0644 3692 FontCache3.0.0.0 - ok
11:35:56.0738 3692 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:35:56.0738 3692 Fs_Rec - ok
11:35:56.0785 3692 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:35:56.0785 3692 Ftdisk - ok
11:35:56.0816 3692 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:35:56.0816 3692 GEARAspiWDM - ok
11:35:56.0848 3692 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:35:56.0848 3692 Gpc - ok
11:35:56.0957 3692 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
11:35:56.0957 3692 gupdate - ok
11:35:56.0957 3692 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
11:35:56.0957 3692 gupdatem - ok
11:35:57.0019 3692 gusvc (408ddd80eede47175f6844817b90213e) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
11:35:57.0019 3692 gusvc - ok
11:35:57.0113 3692 Hardlock (d95554949082fd29a04d351b58396718) C:\WINDOWS\system32\drivers\hardlock.sys
11:35:57.0129 3692 Hardlock - ok
11:35:57.0176 3692 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:35:57.0176 3692 HDAudBus - ok
11:35:57.0285 3692 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:35:57.0285 3692 helpsvc - ok
11:35:57.0316 3692 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
11:35:57.0332 3692 HidServ - ok
11:35:57.0348 3692 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:35:57.0348 3692 HidUsb - ok
11:35:57.0394 3692 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
11:35:57.0410 3692 hkmsvc - ok
11:35:57.0410 3692 hpn - ok
11:35:57.0457 3692 HSFHWAZL (0aaef566e6782957252fa79f566fbc0b) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
11:35:57.0473 3692 HSFHWAZL - ok
11:35:57.0769 3692 HSF_DPV (e472e0cb4e716cc34c0e045f2c196221) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
11:35:57.0801 3692 HSF_DPV - ok
11:35:57.0848 3692 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:35:57.0894 3692 HTTP - ok
11:35:57.0910 3692 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
11:35:57.0926 3692 HTTPFilter - ok
11:35:57.0926 3692 i2omgmt - ok
11:35:57.0926 3692 i2omp - ok
11:35:57.0957 3692 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:35:57.0957 3692 i8042prt - ok
11:35:57.0973 3692 IBMPMDRV (fa3d0a6da7bb7968efe5c5bc267f0e55) C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
11:35:57.0973 3692 IBMPMDRV - ok
11:35:57.0988 3692 IBMPMSVC (495f184a29b80b51735bcee91d84fe8f) C:\WINDOWS\system32\ibmpmsvc.exe
11:35:57.0988 3692 IBMPMSVC - ok
11:35:58.0332 3692 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:35:58.0363 3692 idsvc - ok
11:35:58.0379 3692 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:35:58.0379 3692 Imapi - ok
11:35:58.0426 3692 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
11:35:58.0426 3692 ImapiService - ok
11:35:58.0441 3692 ini910u - ok
11:35:58.0457 3692 IntelIde - ok
11:35:58.0473 3692 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:35:58.0473 3692 intelppm - ok
11:35:58.0488 3692 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:35:58.0488 3692 Ip6Fw - ok
11:35:58.0519 3692 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:35:58.0519 3692 IpFilterDriver - ok
11:35:58.0551 3692 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:35:58.0551 3692 IpInIp - ok
11:35:58.0707 3692 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:35:58.0707 3692 IpNat - ok
11:35:58.0816 3692 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Programme\iPod\bin\iPodService.exe
11:35:58.0848 3692 iPod Service - ok
11:35:58.0863 3692 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:35:58.0863 3692 IPSec - ok
11:35:58.0879 3692 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:35:58.0879 3692 IRENUM - ok
11:35:58.0910 3692 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:35:58.0910 3692 isapnp - ok
11:35:58.0910 3692 jsenujoft - ok
11:35:58.0910 3692 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:35:58.0926 3692 Kbdclass - ok
11:35:58.0926 3692 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:35:58.0926 3692 kbdhid - ok
11:35:58.0957 3692 kl1 (45056287cdd70803bad130bf71fe6890) C:\WINDOWS\system32\drivers\kl1.sys
11:35:58.0957 3692 kl1 - ok
11:35:58.0988 3692 KLIF (283609e026c8becc757c8ac21f050a5a) C:\WINDOWS\system32\drivers\klif.sys
11:35:58.0988 3692 KLIF - ok
11:35:59.0019 3692 klim5 (967e2224217431b21f1d04fbb4c68a4b) C:\WINDOWS\system32\DRIVERS\klim5.sys
11:35:59.0019 3692 klim5 - ok
11:35:59.0066 3692 klnagent (b1fbd0576e52d2816be7d18b5dac0636) C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe
11:35:59.0066 3692 klnagent - ok
11:35:59.0098 3692 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:35:59.0098 3692 kmixer - ok
11:35:59.0176 3692 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:35:59.0176 3692 KSecDD - ok
11:35:59.0223 3692 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
11:35:59.0223 3692 lanmanserver - ok
11:35:59.0254 3692 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
11:35:59.0254 3692 lanmanworkstation - ok
11:35:59.0269 3692 lbrtfdc - ok
11:35:59.0316 3692 LBTServ (30974af764f6c454498f6b3325581799) C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
11:35:59.0316 3692 LBTServ - ok
11:35:59.0363 3692 LENOVO.MICMUTE (fce735941da27929dbfc1918f286ffd8) C:\Programme\LENOVO\HOTKEY\MICMUTE.exe
11:35:59.0363 3692 LENOVO.MICMUTE - ok
11:35:59.0394 3692 lenovo.smi (9aac267a225f3caebb9e633f7eb16e4b) C:\WINDOWS\system32\DRIVERS\smiif32.sys
11:35:59.0410 3692 lenovo.smi - ok
11:35:59.0676 3692 LHidFilt (23d84187822a0020b9f1ea71c7db3193) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
11:35:59.0676 3692 LHidFilt - ok
11:35:59.0707 3692 LicCtrlService (29fab5363138f6e322f4cd780ed9d337) C:\WINDOWS\runservice.exe
11:36:01.0332 3692 LicCtrlService - ok
11:36:01.0394 3692 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
11:36:01.0394 3692 LmHosts - ok
11:36:01.0457 3692 LMouFilt (596499c81cb4b5841f91cfe3f514d202) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
11:36:01.0457 3692 LMouFilt - ok
11:36:01.0488 3692 Macromedia Licensing Service (d5ba9b816afef5292fe13c9a6267b6ab) C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
11:36:01.0488 3692 Macromedia Licensing Service - ok
11:36:01.0707 3692 MarvinBus (7584ffb07305d2e9e3823059a9310b0f) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
11:36:01.0707 3692 MarvinBus - ok
11:36:01.0738 3692 MDC8021X (1bcec29a142168cc54c3f2669db8c681) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
11:36:01.0738 3692 MDC8021X - ok
11:36:01.0801 3692 MDM (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
11:36:01.0832 3692 MDM - ok
11:36:01.0910 3692 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
11:36:01.0910 3692 mdmxsdk - ok
11:36:01.0941 3692 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
11:36:01.0941 3692 Messenger - ok
11:36:01.0957 3692 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:36:01.0973 3692 mnmdd - ok
11:36:02.0004 3692 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
11:36:02.0004 3692 mnmsrvc - ok
11:36:02.0035 3692 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
11:36:02.0035 3692 Modem - ok
11:36:02.0082 3692 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:36:02.0082 3692 Mouclass - ok
11:36:02.0082 3692 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:36:02.0082 3692 mouhid - ok
11:36:02.0098 3692 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:36:02.0098 3692 MountMgr - ok
11:36:02.0098 3692 mraid35x - ok
11:36:02.0129 3692 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:36:02.0129 3692 MRxDAV - ok
11:36:02.0191 3692 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:36:02.0207 3692 MRxSmb - ok
11:36:02.0223 3692 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
11:36:02.0223 3692 MSDTC - ok
11:36:02.0254 3692 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
11:36:02.0254 3692 MSDV - ok
11:36:02.0254 3692 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:36:02.0269 3692 Msfs - ok
11:36:02.0269 3692 MSIServer - ok
11:36:02.0301 3692 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:36:02.0301 3692 MSKSSRV - ok
11:36:02.0316 3692 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:36:02.0316 3692 MSPCLOCK - ok
11:36:02.0332 3692 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:36:02.0332 3692 MSPQM - ok
11:36:02.0410 3692 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:36:02.0410 3692 mssmbios - ok
11:36:02.0457 3692 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:36:02.0457 3692 MSTEE - ok
11:36:02.0473 3692 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:36:02.0473 3692 Mup - ok
11:36:02.0504 3692 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:36:02.0504 3692 NABTSFEC - ok
11:36:02.0551 3692 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
11:36:02.0566 3692 napagent - ok
11:36:02.0598 3692 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:36:02.0613 3692 NDIS - ok
11:36:02.0613 3692 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:36:02.0629 3692 NdisIP - ok
11:36:02.0660 3692 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:36:02.0660 3692 NdisTapi - ok
11:36:02.0676 3692 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:36:02.0926 3692 Ndisuio - ok
11:36:02.0957 3692 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:36:02.0957 3692 NdisWan - ok
11:36:02.0988 3692 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:36:02.0988 3692 NDProxy - ok
11:36:03.0035 3692 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll
11:36:03.0035 3692 Net Driver HPZ12 - ok
11:36:03.0035 3692 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:36:03.0035 3692 NetBIOS - ok
11:36:03.0066 3692 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:36:03.0082 3692 NetBT - ok
11:36:03.0113 3692 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
11:36:03.0113 3692 NetDDE - ok
11:36:03.0113 3692 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
11:36:03.0113 3692 NetDDEdsdm - ok
11:36:03.0144 3692 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:03.0144 3692 Netlogon - ok
11:36:03.0176 3692 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
11:36:03.0191 3692 Netman - ok
11:36:03.0285 3692 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:36:03.0301 3692 NetTcpPortSharing - ok
11:36:04.0582 3692 NETw4x32 (01f8a43ff0b77df0e115a7ed4bd76d68) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
11:36:04.0598 3692 NETw4x32 - ok
11:36:04.0738 3692 NetwareWorkstation (9152b3a38ad0147eae4342281ae65883) C:\WINDOWS\system32\NetWare\nwfs.sys
11:36:04.0754 3692 NetwareWorkstation - ok
11:36:04.0879 3692 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:36:04.0879 3692 NIC1394 - ok
11:36:04.0894 3692 NICM (c501404558ea82e8a875de6331f0748d) C:\WINDOWS\system32\drivers\nicm.sys
11:36:04.0894 3692 NICM - ok
11:36:04.0941 3692 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
11:36:04.0957 3692 Nla - ok
11:36:04.0973 3692 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:36:04.0973 3692 Npfs - ok
11:36:05.0004 3692 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:36:05.0035 3692 Ntfs - ok
11:36:05.0051 3692 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:05.0051 3692 NtLmSsp - ok
11:36:05.0285 3692 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
11:36:05.0301 3692 NtmsSvc - ok
11:36:05.0332 3692 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:36:05.0332 3692 Null - ok
11:36:05.0832 3692 nv (8f91d713ebb1682f36dd93525861149f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:36:06.0129 3692 nv - ok
11:36:06.0348 3692 NVSvc (ea9cf40a176bf4b6c7a9dc4ae1db6fb6) C:\WINDOWS\system32\nvsvc32.exe
11:36:06.0348 3692 NVSvc - ok
11:36:06.0394 3692 NWDHCP (a4b071419e0ea596ffb3da89c1f04e61) C:\WINDOWS\system32\NetWare\nwdhcp.sys
11:36:06.0394 3692 NWDHCP - ok
11:36:06.0410 3692 NWDNS (6327cec99fd740dd1cff11a047789bcc) C:\WINDOWS\system32\NetWare\nwdns.sys
11:36:06.0410 3692 NWDNS - ok
11:36:06.0426 3692 NWFILTER (7bbf493e2b4979312fa5b350fcf5a4c4) C:\WINDOWS\system32\NetWare\nwfilter.sys
11:36:06.0426 3692 NWFILTER - ok
11:36:06.0441 3692 NWHOST (baa75acf404bebce7065663664a7c3e4) C:\WINDOWS\system32\NetWare\NWHOST.sys
11:36:06.0441 3692 NWHOST - ok
11:36:06.0473 3692 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:36:06.0473 3692 NwlnkFlt - ok
11:36:06.0488 3692 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:36:06.0488 3692 NwlnkFwd - ok
11:36:06.0504 3692 NWSAP (2726a6792bbb080ff345ed9a8111360f) C:\WINDOWS\system32\NetWare\NWSAP.sys
11:36:06.0504 3692 NWSAP - ok
11:36:06.0519 3692 NWSIPX32 (0c19ea7bf54f23ef37d8a14c61f64891) C:\WINDOWS\system32\NetWare\nwsipx32.sys
11:36:06.0519 3692 NWSIPX32 - ok
11:36:06.0535 3692 NWSLP (0b5c354bebc5381b59a196bd7e517814) C:\WINDOWS\system32\NetWare\nwslp.sys
11:36:06.0535 3692 NWSLP - ok
11:36:06.0551 3692 NWSNS (172308996609da67e99c87fa784df8bc) C:\WINDOWS\system32\NetWare\NWSNS.sys
11:36:06.0551 3692 NWSNS - ok
11:36:06.0582 3692 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:36:06.0582 3692 ohci1394 - ok
11:36:06.0644 3692 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
11:36:06.0644 3692 ose - ok
11:36:06.0676 3692 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
11:36:06.0676 3692 Parport - ok
11:36:06.0676 3692 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:36:06.0676 3692 PartMgr - ok
11:36:06.0707 3692 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
11:36:06.0723 3692 ParVdm - ok
11:36:06.0738 3692 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
11:36:06.0738 3692 PCI - ok
11:36:06.0738 3692 PCIDump - ok
11:36:06.0754 3692 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:36:06.0769 3692 PCIIde - ok
11:36:06.0785 3692 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
11:36:06.0785 3692 PCLEPCI - ok
11:36:06.0801 3692 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:36:06.0801 3692 Pcmcia - ok
11:36:06.0816 3692 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
11:36:06.0816 3692 pcouffin - ok
11:36:06.0832 3692 PDCOMP - ok
11:36:06.0832 3692 PDFRAME - ok
11:36:06.0832 3692 PDRELI - ok
11:36:06.0848 3692 PDRFRAME - ok
11:36:06.0848 3692 perc2 - ok
11:36:06.0848 3692 perc2hib - ok
11:36:06.0879 3692 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
11:36:06.0879 3692 PlugPlay - ok
11:36:06.0926 3692 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
11:36:06.0926 3692 Pml Driver HPZ12 - ok
11:36:06.0957 3692 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:06.0957 3692 PolicyAgent - ok
11:36:07.0238 3692 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:36:07.0238 3692 PptpMiniport - ok
11:36:07.0238 3692 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:07.0238 3692 ProtectedStorage - ok
11:36:07.0301 3692 ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
11:36:07.0301 3692 ProtexisLicensing - ok
11:36:07.0316 3692 psadd (aac08defb15aaab00b30341c716efa35) C:\WINDOWS\system32\DRIVERS\psadd.sys
11:36:07.0332 3692 psadd - ok
11:36:07.0332 3692 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:36:07.0332 3692 PSched - ok
11:36:07.0363 3692 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:36:07.0363 3692 Ptilink - ok
11:36:07.0363 3692 ql1080 - ok
11:36:07.0379 3692 Ql10wnt - ok
11:36:07.0379 3692 ql12160 - ok
11:36:07.0394 3692 ql1240 - ok
11:36:07.0394 3692 ql1280 - ok
11:36:07.0426 3692 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:36:07.0426 3692 RasAcd - ok
11:36:07.0457 3692 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
11:36:07.0473 3692 RasAuto - ok
11:36:07.0488 3692 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:36:07.0488 3692 Rasl2tp - ok
11:36:07.0551 3692 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
11:36:07.0551 3692 RasMan - ok
11:36:07.0551 3692 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:36:07.0551 3692 RasPppoe - ok
11:36:07.0566 3692 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:36:07.0566 3692 Raspti - ok
11:36:07.0598 3692 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:36:07.0598 3692 Rdbss - ok
11:36:07.0613 3692 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:36:07.0613 3692 RDPCDD - ok
11:36:07.0629 3692 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:36:07.0629 3692 rdpdr - ok
11:36:07.0754 3692 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
11:36:07.0769 3692 RDPWD - ok
11:36:07.0801 3692 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
11:36:07.0801 3692 RDSessMgr - ok
11:36:07.0832 3692 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:36:07.0832 3692 redbook - ok
11:36:07.0863 3692 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
11:36:07.0879 3692 RemoteAccess - ok
11:36:07.0910 3692 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
11:36:07.0910 3692 RemoteRegistry - ok
11:36:07.0957 3692 RESMGR (16c27d650113b0aa0c8255c561a71cd4) C:\WINDOWS\system32\NetWare\resmgr.sys
11:36:07.0957 3692 RESMGR - ok
11:36:08.0004 3692 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
11:36:08.0004 3692 rimmptsk - ok
11:36:08.0191 3692 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
11:36:08.0191 3692 rimsptsk - ok
11:36:08.0207 3692 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
11:36:08.0207 3692 rismxdp - ok
11:36:08.0238 3692 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
11:36:08.0238 3692 RpcLocator - ok
11:36:08.0301 3692 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
11:36:08.0301 3692 RpcSs - ok
11:36:08.0348 3692 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
11:36:08.0348 3692 RSVP - ok
11:36:08.0379 3692 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:08.0379 3692 SamSs - ok
11:36:08.0426 3692 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
11:36:08.0426 3692 SCardSvr - ok
11:36:08.0473 3692 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
11:36:08.0488 3692 Schedule - ok
11:36:08.0519 3692 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
11:36:08.0519 3692 sdbus - ok
11:36:08.0551 3692 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:36:08.0551 3692 Secdrv - ok
11:36:08.0566 3692 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
11:36:08.0582 3692 seclogon - ok
11:36:08.0613 3692 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
11:36:08.0613 3692 SENS - ok
11:36:08.0676 3692 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:36:08.0676 3692 Serenum - ok
11:36:08.0691 3692 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
11:36:08.0707 3692 Serial - ok
11:36:08.0738 3692 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
11:36:08.0738 3692 sffdisk - ok
11:36:08.0738 3692 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
11:36:08.0738 3692 sffp_sd - ok
11:36:08.0754 3692 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:36:08.0754 3692 Sfloppy - ok
11:36:08.0910 3692 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
11:36:08.0926 3692 SharedAccess - ok
11:36:08.0957 3692 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:36:08.0957 3692 ShellHWDetection - ok
11:36:08.0957 3692 Simbad - ok
11:36:08.0988 3692 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:36:08.0988 3692 SLIP - ok
11:36:09.0238 3692 smihlp (8b098d7113f39ab9c51d071bf0ff11f6) C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys
11:36:09.0238 3692 smihlp - ok
11:36:09.0238 3692 Sparrow - ok
11:36:09.0254 3692 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:36:09.0254 3692 splitter - ok
11:36:09.0285 3692 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
11:36:09.0301 3692 Spooler - ok
11:36:09.0316 3692 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
11:36:09.0316 3692 sr - ok
11:36:09.0348 3692 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
11:36:09.0348 3692 srservice - ok
11:36:09.0394 3692 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:36:09.0394 3692 Srv - ok
11:36:09.0473 3692 SRVLOC (21d0242d37ab7b275261ed030adaaad5) C:\WINDOWS\system32\NetWare\srvloc.sys
11:36:09.0473 3692 SRVLOC - ok
11:36:09.0488 3692 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
11:36:09.0504 3692 SSDPSRV - ok
11:36:09.0535 3692 ssudmdm (1b4052f016ba5e087689aba536a0a927) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:36:09.0551 3692 ssudmdm - ok
11:36:09.0598 3692 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
11:36:09.0644 3692 stisvc - ok
11:36:09.0723 3692 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:36:09.0723 3692 streamip - ok
11:36:09.0863 3692 SUService (ecc419e6ac1fe8ea5f9e792d2c9b1737) C:\Programme\Lenovo\System Update\SUService.exe
11:36:09.0863 3692 SUService - ok
11:36:09.0879 3692 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:36:09.0879 3692 swenum - ok
11:36:09.0894 3692 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:36:09.0894 3692 swmidi - ok
11:36:09.0894 3692 SwPrv - ok
11:36:09.0910 3692 symc810 - ok
11:36:09.0910 3692 symc8xx - ok
11:36:09.0910 3692 sym_hi - ok
11:36:09.0926 3692 sym_u3 - ok
11:36:10.0160 3692 SynTP (58f3288f83a3e8169eeb6a10787c7f2e) C:\WINDOWS\system32\DRIVERS\SynTP.sys
11:36:10.0191 3692 SynTP - ok
11:36:10.0238 3692 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:36:10.0238 3692 sysaudio - ok
11:36:10.0269 3692 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
11:36:10.0285 3692 SysmonLog - ok
11:36:10.0316 3692 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
11:36:10.0332 3692 TapiSrv - ok
11:36:10.0394 3692 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:36:10.0426 3692 Tcpip - ok
11:36:10.0488 3692 TcUsb (07d174a992ab0ea6001f390de1afa27b) C:\WINDOWS\system32\Drivers\tcusb.sys
11:36:10.0488 3692 TcUsb - ok
11:36:10.0519 3692 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:36:10.0519 3692 TDPIPE - ok
11:36:10.0535 3692 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:36:10.0535 3692 TDTCP - ok
11:36:10.0551 3692 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:36:10.0551 3692 TermDD - ok
11:36:10.0629 3692 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
11:36:10.0644 3692 TermService - ok
11:36:10.0801 3692 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:36:10.0801 3692 Themes - ok
11:36:10.0926 3692 ThinkVantage Registry Monitor Service (6a31e2966354e4ded9533875899ca708) C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
11:36:10.0957 3692 ThinkVantage Registry Monitor Service - ok
11:36:10.0988 3692 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
11:36:11.0098 3692 TlntSvr - ok
11:36:11.0238 3692 TosIde - ok
11:36:11.0269 3692 TPHKDRV (8aef2188630f5ecd79ad9abba630630b) C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys
11:36:11.0269 3692 TPHKDRV - ok
11:36:11.0363 3692 TPHKLOAD (88d609bfdeb7e013e9e491434190ba43) C:\Programme\LENOVO\HOTKEY\TPHKLOAD.exe
11:36:11.0363 3692 TPHKLOAD - ok
11:36:11.0410 3692 TPHKSVC (9e6e4a9789f76593cc5a6a5af8fc5929) C:\Programme\LENOVO\HOTKEY\TPHKSVC.exe
11:36:11.0410 3692 TPHKSVC - ok
11:36:11.0441 3692 TpKmpSVC (dfb268ff0a6dcb9280015ff527f892ff) C:\WINDOWS\system32\TpKmpSVC.exe
11:36:11.0457 3692 TpKmpSVC - ok
11:36:11.0473 3692 TPPWRIF (44672de6cea9569c21c4b7a8d2560750) C:\WINDOWS\system32\drivers\Tppwrif.sys
11:36:11.0473 3692 TPPWRIF - ok
11:36:11.0519 3692 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
11:36:11.0519 3692 TrkWks - ok
11:36:11.0566 3692 TSP (283609e026c8becc757c8ac21f050a5a) C:\WINDOWS\system32\drivers\klif.sys
11:36:11.0566 3692 TSP - ok
11:36:11.0676 3692 TSSCoreService (384383e999450ea1f0117b55461e3a55) C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe
11:36:11.0754 3692 TSSCoreService - ok
11:36:12.0051 3692 TVT Scheduler (e9ea448f1174be4052416b62263ea4ee) C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
11:36:12.0082 3692 TVT Scheduler - ok
11:36:12.0426 3692 TVTI2C (8ab24d4b7da715c2c80455137910e792) C:\WINDOWS\system32\DRIVERS\Tvti2c.sys
11:36:12.0426 3692 TVTI2C - ok
11:36:12.0457 3692 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:36:12.0457 3692 Udfs - ok
11:36:12.0473 3692 ultra - ok
11:36:12.0504 3692 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:36:12.0504 3692 Update - ok
11:36:12.0551 3692 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
11:36:12.0566 3692 upnphost - ok
11:36:12.0613 3692 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
11:36:12.0613 3692 UPS - ok
11:36:12.0629 3692 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:36:12.0676 3692 USBAAPL - ok
11:36:12.0707 3692 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
11:36:12.0738 3692 usbaudio - ok
11:36:12.0832 3692 usbcamcl (8e0b04a707daf7e50a0234f22e343731) C:\WINDOWS\system32\DRIVERS\usbcamcl.sys
11:36:12.0848 3692 usbcamcl - ok
11:36:12.0879 3692 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:36:12.0879 3692 usbccgp - ok
11:36:12.0910 3692 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:36:12.0910 3692 usbehci - ok
11:36:12.0926 3692 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:36:12.0926 3692 usbhub - ok
11:36:12.0957 3692 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:36:12.0973 3692 usbscan - ok
11:36:12.0988 3692 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:36:12.0988 3692 USBSTOR - ok
11:36:13.0004 3692 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:36:13.0004 3692 usbuhci - ok
11:36:13.0269 3692 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
11:36:13.0285 3692 usbvideo - ok
11:36:13.0301 3692 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
11:36:13.0301 3692 usb_rndisx - ok
11:36:13.0332 3692 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:36:13.0332 3692 VgaSave - ok
11:36:13.0332 3692 ViaIde - ok
11:36:13.0379 3692 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
11:36:13.0379 3692 VolSnap - ok
11:36:13.0410 3692 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
11:36:13.0457 3692 VSS - ok
11:36:13.0488 3692 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
11:36:13.0504 3692 W32Time - ok
11:36:13.0519 3692 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:36:13.0535 3692 Wanarp - ok
11:36:13.0566 3692 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
11:36:13.0598 3692 wceusbsh - ok
11:36:14.0644 3692 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
11:36:14.0660 3692 Wdf01000 - ok
11:36:14.0660 3692 WDICA - ok
11:36:14.0676 3692 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:36:14.0676 3692 wdmaud - ok
11:36:14.0707 3692 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
11:36:14.0707 3692 WebClient - ok
11:36:14.0769 3692 winachsf (0e666ac2766f2fd860cc03f405a2ace1) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
11:36:14.0801 3692 winachsf - ok
11:36:14.0863 3692 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:36:14.0863 3692 winmgmt - ok
11:36:14.0910 3692 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
11:36:14.0910 3692 WmdmPmSN - ok
11:36:14.0988 3692 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
11:36:15.0004 3692 Wmi - ok
11:36:15.0019 3692 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:36:15.0019 3692 WmiAcpi - ok
11:36:15.0035 3692 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:36:15.0051 3692 WmiApSrv - ok
11:36:15.0394 3692 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
11:36:15.0426 3692 WMPNetworkSvc - ok
11:36:15.0457 3692 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:36:15.0457 3692 WpdUsb - ok
11:36:15.0488 3692 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
11:36:15.0504 3692 wscsvc - ok
11:36:15.0535 3692 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:36:15.0535 3692 WSTCODEC - ok
11:36:15.0660 3692 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
11:36:15.0738 3692 wuauserv - ok
11:36:15.0769 3692 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:36:15.0769 3692 WudfPf - ok
11:36:15.0801 3692 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:36:15.0801 3692 WudfRd - ok
11:36:15.0816 3692 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
11:36:15.0832 3692 WudfSvc - ok
11:36:15.0879 3692 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
11:36:15.0879 3692 WZCSVC - ok
11:36:15.0926 3692 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
11:36:15.0926 3692 xmlprov - ok
11:36:15.0957 3692 zebrbus (c95dd99e29e2d5ae7c1aac26b02a111c) C:\WINDOWS\system32\DRIVERS\zebrbus.sys
11:36:15.0973 3692 zebrbus - ok
11:36:16.0004 3692 zebrceb (c24c28fbd91e912707ac92b34d729fed) C:\WINDOWS\system32\DRIVERS\zebrceb.sys
11:36:16.0004 3692 zebrceb - ok
11:36:16.0035 3692 zebrmdfl (78f045074b1a6ad699e76e573b5ea82a) C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys
11:36:16.0035 3692 zebrmdfl - ok
11:36:16.0051 3692 zebrmdm (636df12276af9ee94a34ded15f620714) C:\WINDOWS\system32\DRIVERS\zebrmdm.sys
11:36:16.0066 3692 zebrmdm - ok
11:36:16.0082 3692 zebrmdmc (4fd7eb4d3c7bd3550c2e15f0a25fc52f) C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys
11:36:16.0082 3692 zebrmdmc - ok
11:36:16.0098 3692 zebrsce (316954e84d17b985760d8160aa75ed08) C:\WINDOWS\system32\DRIVERS\zebrsce.sys
11:36:16.0098 3692 zebrsce - ok
11:36:16.0129 3692 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
11:36:16.0644 3692 \Device\Harddisk0\DR0 - ok
11:36:16.0644 3692 Boot (0x1200) (e803142cb8ca80f6b994b557ce30a076) \Device\Harddisk0\DR0\Partition0
11:36:16.0644 3692 \Device\Harddisk0\DR0\Partition0 - ok
11:36:16.0676 3692 Boot (0x1200) (fbaf61d6765a5a5a4985a74a24d08aae) \Device\Harddisk0\DR0\Partition1
11:36:16.0676 3692 \Device\Harddisk0\DR0\Partition1 - ok
11:36:16.0676 3692 ============================================================
11:36:16.0676 3692 Scan finished
11:36:16.0676 3692 ============================================================
11:36:16.0691 3952 Detected object count: 0
11:36:16.0691 3952 Actual detected object count: 0
|
|
13.06.2012, 15:48
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google Ergebnisse, Weiterleitung auf falsche SeitenZitat:
Und sry, ich glaube ich versteh erst jetzt, dass du mit dem TDSS-Killer nichts gefixt hast, sondern mit einem anderen Tool, erst dann lief der TDSS-Killer?  Log von diesem anderen Tool hast du noch?
__________________ --> Google Ergebnisse, Weiterleitung auf falsche Seiten |
|
15.06.2012, 08:04
| #7 |
| | Google Ergebnisse, Weiterleitung auf falsche Seiten Hallo, Danke für Deine Hilfe, ich habe alles abgesucht, aber das Tool von Symatec (FixTDSS) macht wohl kein Log, deshalb ist es leider nicht möglich dieses zu posten. Anbei ein neuer Versuch das komplette Log File vom Mapwarebytes zu posten: Code:
ATTFilter Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.10.02 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Schedler-M :: MG-107315 [Administrator] 12.06.12 20:44:01 mbam-log-2012-06-12 (20-44-01).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 418716 Laufzeit: 1 Stunde(n), 23 Minute(n), 21 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Vielen Dank für Dein Engagement. Grüße Robee |
|
15.06.2012, 14:56
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google Ergebnisse, Weiterleitung auf falsche Seiten ESET hast du ja auch schon ausgeführt. Wo ist das Log?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.06.2012, 12:50
| #9 |
| | Google Ergebnisse, Weiterleitung auf falsche Seiten Hallo Cosinus, Anbei ein ESET Log, Code:
ATTFilter ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=79c053dcc2cdfb4291e1caf02e194618
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-09 03:29:45
# local_time=2012-06-09 05:29:45 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1280 16777175 100 0 129267865 129267865 0 0
# compatibility_mode=8192 67108863 100 0 184 184 0 0
# scanned=218981
# found=10
# cleaned=10
# scan_time=5992
C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Temporary Internet Files\Content.IE5\MVCVWYDV\dasdasaseq[1].htm JS/Kryptik.PH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Temporary Internet Files\Content.IE5\TRIMBSYH\firstload_com[1].htm HTML/ScrInject.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Temporary Internet Files\Content.IE5\TRIMBSYH\firstload_com[1].txt HTML/ScrInject.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\RECYCLER\S-1-5-21-1078081533-1957994488-839522115-1003\Dc17.tmp Java/Exploit.CVE-2012-0507.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\RECYCLER\S-1-5-21-1078081533-1957994488-839522115-1003\Dc18.tmp Java/TrojanDownloader.OpenStream.NCV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\RECYCLER\S-1-5-21-1078081533-1957994488-839522115-1003\Dc19.tmp Java/TrojanDownloader.OpenStream.NCV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\Download wichtig\CRC Killer\CRC-Killer.exe Win32/Packed.Autoit.C.Gen application (deleted - quarantined) 00000000000000000000000000000000 C
Update failed (41217). Trying proxy mg-proxy8080
finished. ret_update=0 e_gle=0
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=79c053dcc2cdfb4291e1caf02e194618
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-18 10:58:01
# local_time=2012-06-18 12:58:01 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1280 16777175 100 0 130024076 130024076 0 0
# compatibility_mode=8192 67108863 100 0 756395 756395 0 0
# scanned=215988
# found=0
# cleaned=0
# scan_time=6729
Geändert von robee (18.06.2012 um 13:35 Uhr) |
|
18.06.2012, 14:23
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google Ergebnisse, Weiterleitung auf falsche SeitenCode:
ATTFilter D:\Download wichtig\CRC Killer\CRC-Killer.exe
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.06.2012, 15:06
| #11 |
| | Google Ergebnisse, Weiterleitung auf falsche Seiten Hallo Cosiuns, das war ein Prog, das hilft, wenn Archive einen CRC Fehler haben. Arbeitet mit Winrar und Zip Quelle: hxxp://www.perfectsoft.tk/Programme.php?n=CRC-Killer lg Robee |
|
18.06.2012, 15:56
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google Ergebnisse, Weiterleitung auf falsche Seiten Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.07.2012, 08:10
| #13 |
| | Google Ergebnisse, Weiterleitung auf falsche Seiten Hallo cosinus, sorry für die Verspätung, war auf Dienstreise. Anbei das OTL Log OTL Logfile: Code:
ATTFilter OTL logfile created on: 23.06.12 14:34:14 - Run 2 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Dokumente und Einstellungen\*****-M\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yy 3,00 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 76,62% Memory free 4,84 Gb Paging File | 3,88 Gb Available in Paging File | 80,16% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 48,83 Gb Total Space | 7,21 Gb Free Space | 14,77% Space Free | Partition Type: NTFS Drive D: | 100,22 Gb Total Space | 26,12 Gb Free Space | 26,07% Space Free | Partition Type: NTFS Computer Name: MG-107315 | User Name: *****-M | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\*****-M\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\Canon\Solution Menu EX\CNSEUPDT.EXE (CANON INC.) PRC - C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) PRC - C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) PRC - C:\Programme\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) PRC - C:\Programme\Pc Camera\3288.exe (Microsoft) PRC - C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited) PRC - C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited) PRC - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab) PRC - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe () PRC - C:\WINDOWS\Runservice.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Client Security Solution\password_manager.exe (Lenovo Group Limited) PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) PRC - C:\Programme\ThinkPad\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) PRC - C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab) PRC - C:\WINDOWS\system32\PSIService.exe () PRC - C:\WINDOWS\system32\TpKmpSvc.exe () PRC - C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc) PRC - C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.) PRC - C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) PRC - C:\WINDOWS\system32\nwtray.exe (Novell, Inc.) ========== Modules (No Company Name) ========== MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll () MOD - C:\WINDOWS\system32\nview.dll () MOD - C:\WINDOWS\system32\nvshell.dll () MOD - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe () MOD - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\K2NPROXY.dll () MOD - C:\WINDOWS\mmfs.dll () MOD - C:\WINDOWS\Runservice.exe () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\Programme\ThinkPad\Utilities\PWRMGRIF.DLL () MOD - C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL () MOD - C:\WINDOWS\system32\btwicons.dll () MOD - C:\WINDOWS\system32\PSIService.exe () MOD - C:\WINDOWS\system32\TpKmpSvc.exe () MOD - C:\WINDOWS\system32\nwshlxnt.dll () MOD - C:\WINDOWS\system32\nls\DEUTSCH\nwshlxnr.dll () MOD - C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\libeay32.dll () MOD - C:\Programme\Adobe\Acrobat 6.0\Distillr\AdistRes.DEU () MOD - C:\WINDOWS\system32\HPBHEALR.DLL () ========== Win32 Services (SafeList) ========== SRV - (jsenujoft) -- C:\WINDOWS\system32\zxjaux.dll File not found SRV - (bxlst) -- C:\WINDOWS\system32\zxjaux.dll File not found SRV - (bpsyorcy) -- C:\WINDOWS\system32\zxjaux.dll File not found SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (TPHKLOAD) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) SRV - (LENOVO.MICMUTE) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) SRV - (SUService) -- C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited) SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab) SRV - (LicCtrlService) -- C:\WINDOWS\Runservice.exe () SRV - (Macromedia Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe () SRV - (TVT Scheduler) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) SRV - (klnagent) -- C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab) SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe () SRV - (cusrvc) -- C:\WINDOWS\system32\cusrvc.exe (Novell, Inc.) SRV - (TpKmpSVC) -- C:\WINDOWS\system32\TpKmpSvc.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (lenovo.smi) -- C:\WINDOWS\system32\drivers\smiif32.sys (Lenovo Group Limited) DRV - (usbcamcl) -- C:\WINDOWS\system32\drivers\usbcamcl.sys (usb camera) DRV - (TSP) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab) DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab) DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (cdrblock) -- C:\WINDOWS\system32\drivers\cdrblock.sys (Canopus Co,. Ltd.) DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab) DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications) DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.) DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS () DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.) DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.) DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.) DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.) DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.) DRV - (zebrsce) -- C:\WINDOWS\system32\drivers\zebrsce.sys (MCCI) DRV - (zebrmdmc) Sony Ericsson mRouter Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdmc.sys (MCCI) DRV - (zebrmdm) Sony Ericsson Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdm.sys (MCCI) DRV - (zebrmdfl) -- C:\WINDOWS\system32\drivers\zebrmdfl.sys (MCCI Corporation) DRV - (zebrbus) -- C:\WINDOWS\system32\drivers\zebrbus.sys (MCCI) DRV - (zebrceb) Sony Ericsson Cable Emulation Bus (WDM) -- C:\WINDOWS\system32\drivers\zebrceb.sys (MCCI) DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab) DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.) DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC) DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC) DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC) DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.) DRV - (NetwareWorkstation) -- C:\WINDOWS\system32\NetWare\nwfs.sys (Novell, Inc.) DRV - (NWDNS) -- C:\WINDOWS\system32\NetWare\nwdns.sys (Novell, Inc.) DRV - (SRVLOC) -- C:\WINDOWS\system32\NetWare\srvloc.sys (Novell, Inc.) DRV - (NICM) -- C:\WINDOWS\system32\drivers\nicm.sys (Novell, Inc.) DRV - (NWDHCP) -- C:\WINDOWS\system32\NetWare\nwdhcp.sys (Novell, Inc.) DRV - (NWSIPX32) -- C:\WINDOWS\system32\NetWare\nwsipx32.sys (Novell, Inc.) DRV - (NWHOST) -- C:\WINDOWS\system32\NetWare\nwhost.sys (Novell, Inc.) DRV - (NWSNS) -- C:\WINDOWS\system32\NetWare\nwsns.sys (Novell, Inc.) DRV - (NWFILTER) -- C:\WINDOWS\system32\NetWare\nwfilter.sys (Novell, Inc.) DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH) DRV - (NWSLP) -- C:\WINDOWS\system32\NetWare\nwslp.sys (Novell, Inc.) DRV - (RESMGR) -- C:\WINDOWS\system32\NetWare\resmgr.sys (Novell, Inc.) DRV - (ASAPIW2k) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (Pinnacle Systems GmbH) DRV - (NWSAP) -- C:\WINDOWS\system32\NetWare\nwsap.sys () DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 172.19.*.*;172.16.16.*;80.146.166.*;<local> IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ftp=proxyserver:21;gopher=proxyserver:8080;http=proxyserver:8080;https=proxyserver:8080 IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ds-technologie.de/ IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 51 BA 3B 0B 7C CA 01 [binary data] IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\SearchScopes,DefaultScope = {6221EBD2-4870-4CC4-9778-E6576CED9E43} IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\SearchScopes\{6221EBD2-4870-4CC4-9778-E6576CED9E43}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIT_de IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = mg-proxy:8080 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442 FF - prefs.js..network.proxy.backup.ftp: "mg-proxy" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "mg-proxy" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "mg-proxy" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "mg-proxy" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "mg-proxy" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "mg-proxy" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "mg-proxy" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.socks: "mg-proxy" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "mg-proxy" FF - prefs.js..network.proxy.ssl_port: 8080 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.19 11:10:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.03.19 11:10:08 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Programme\Lenovo\Client Security Solution\PWM Firefox Extension [2008.05.07 16:08:41 | 000,000,000 | ---D | M] [2009.04.16 13:11:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla\Extensions [2008.05.28 21:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2012.05.08 09:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions [2011.06.29 10:18:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.03.19 11:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.12.07 09:31:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.03.13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2011.10.24 00:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Programme\mozilla firefox\plugins\npdjvu.dll [2003.09.04 14:37:44 | 000,892,928 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\NPSWF32.dll [2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdjvu.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - File not found O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - File not found O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - File not found O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - File not found O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - File not found O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found O3 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - File not found O3 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found O4 - HKLM..\Run: [3288] C:\Programme\Pc Camera\3288.exe (Microsoft) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL () O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) O4 - HKLM..\Run: [iPCCheck] C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) O4 - HKLM..\Run: [LPMailChecker] C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NexusServer] C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.) O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe () O4 - HKLM..\Run: [PSQLLauncher] C:\Programme\ThinkVantage Fingerprint Software\launcher.exe (UPEK Inc.) O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (Lenovo) O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) O4 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003..\Run: [iecfgRpl] rundll32.exe "C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\iecfgRpl\SecurityMapServ.dll", appMapTrust msWebnt5 File not found O4 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003..\Run: [SkypePM] C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Skype\SkypePM.exe File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm () O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office2003\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Save page in SuperOffice - C:\Programme\SuperOffice\SoIeExtensions.dll (SuperOffice AS) O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} https://photoservice.fujicolor.de/ips-opdata/objects/jordan-canvasx.cab (JordanUploader Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209556674671 (WUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = starrag.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{007E9E8C-277D-49B5-8454-B8FE8ED9DCD8}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\adialhk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\WINDOWS\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20 - Winlogon\Notify\psfus: DllName - (C:\WINDOWS\system32\psqlpwd.dll) - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.04.30 15:52:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell - "" = AutoRun O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{8a22bd91-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\StartPortableApps.exe O33 - MountPoints2\{8a22bdf9-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\pstart.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: bxlst - C:\WINDOWS\system32\zxjaux.dll File not found NetSvcs: bpsyorcy - C:\WINDOWS\system32\zxjaux.dll File not found NetSvcs: jsenujoft - C:\WINDOWS\system32\zxjaux.dll File not found MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: PC Suite for Smartphones - hkey= - key= - C:\Programme\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe () MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: WdfLoadGroup - SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: WdfLoadGroup - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.CDV5 - C:\WINDOWS\System32\cdv5codc.dll (Canopus Co., Ltd.) Drivers32: vidc.CDVC - C:\WINDOWS\System32\cdvccodc.dll (Canopus Co., Ltd.) Drivers32: vidc.CDVH - C:\WINDOWS\System32\cdvhcodc.dll (Canopus Co., Ltd.) Drivers32: vidc.CLLC - C:\WINDOWS\System32\cllccodc.dll (Canopus Co., Ltd.) Drivers32: vidc.CMIC - C:\WINDOWS\System32\cmiccodc.dll (Thomson Canopus Co., Ltd.) Drivers32: vidc.CUVC - C:\WINDOWS\System32\cuvccodc.dll (Canopus Co., Ltd.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation) Drivers32: vidc.pDAD - C:\WINDOWS\System32\prodad-codec.dll (proDAD GmbH) Drivers32: VIDC.PIM1 - C:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems) Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.06.19 14:46:37 | 000,000,000 | ---D | C] -- C:\StarragHeckert [2012.06.19 14:46:16 | 000,000,000 | ---D | C] -- C:\VDW Kommunikationsausschuss [2012.06.11 09:16:49 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012.06.10 13:38:57 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\*****-M\Desktop\TDSSKiller.exe [2012.06.10 13:19:37 | 000,000,000 | ---D | C] -- C:\_OTL [2012.06.10 13:16:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*****-M\Desktop\OTL.exe [2012.06.09 15:46:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.06.08 10:53:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****-M\Startmenü\Programme\Google Chrome [2012.06.08 10:48:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Deployment [2012.06.04 14:28:33 | 000,000,000 | ---D | C] -- C:\IMTS 2012 [2012.06.02 15:28:06 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenuEX [2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX2 [2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonEPP [2012.06.02 15:27:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canon [2012.06.02 15:27:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter [2012.06.02 15:17:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM [2012.06.02 15:15:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canon IJ Network Tool [2012.06.02 15:14:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\medias [2012.06.02 15:14:04 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJFAX [2012.06.02 15:12:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Benutzerregistrierung [2012.06.02 15:09:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\CANON [2012.06.02 15:09:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJWSpt [2012.06.02 15:05:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon Utilities [2012.06.02 15:04:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Manual [2012.06.02 15:03:05 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.06.02 15:02:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information [2012.06.02 15:02:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series [2012.06.02 15:02:01 | 000,000,000 | -H-D | C] -- C:\Programme\CanonBJ [2012.06.02 15:01:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING ========== Files - Modified Within 30 Days ========== [2012.06.23 14:40:03 | 272,104,480 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2012.06.23 14:40:02 | 010,434,592 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2012.06.23 14:28:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.06.23 14:16:53 | 000,168,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001 [2012.06.23 13:54:00 | 000,001,230 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job [2012.06.23 13:28:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.06.23 13:27:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2012.06.23 10:54:00 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job [2012.06.23 10:16:26 | 000,185,449 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012.06.23 10:16:19 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2012.06.23 10:15:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.06.23 10:15:37 | 000,001,977 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys [2012.06.23 10:15:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.06.23 10:15:09 | 3219,435,520 | -HS- | M] () -- C:\hiberfil.sys [2012.06.22 22:41:32 | 003,659,660 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2012.06.22 22:41:32 | 000,991,676 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2012.06.22 20:16:49 | 000,000,184 | ---- | M] () -- C:\WINDOWS\hpbafd.ini [2012.06.22 11:39:36 | 000,168,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat [2012.06.22 08:17:29 | 000,001,004 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2012.06.18 11:12:05 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012.06.15 09:27:27 | 000,001,168 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Calendar.lnk [2012.06.15 08:13:28 | 000,444,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.06.14 23:13:09 | 000,453,030 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.06.14 23:13:09 | 000,436,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.06.14 23:13:09 | 000,081,810 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.06.14 23:13:09 | 000,068,976 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.06.14 23:08:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.06.14 13:50:47 | 000,008,790 | RHS- | M] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol [2012.06.10 13:18:24 | 002,108,959 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Desktop\tdsskiller.zip [2012.06.10 13:16:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*****-M\Desktop\OTL.exe [2012.06.02 15:09:09 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk [2012.06.02 15:04:40 | 000,001,935 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk ========== Files Created - No Company Name ========== [2012.06.15 09:27:27 | 000,001,168 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Calendar.lnk [2012.06.10 13:18:17 | 002,108,959 | ---- | C] () -- C:\Dokumente und Einstellungen\*****-M\Desktop\tdsskiller.zip [2012.06.10 13:08:47 | 3219,435,520 | -HS- | C] () -- C:\hiberfil.sys [2012.06.08 10:49:47 | 000,001,230 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job [2012.06.08 10:49:46 | 000,001,178 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job [2012.06.02 15:14:15 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CNC175ED.TBL [2012.06.02 15:09:09 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk [2012.06.02 15:04:40 | 000,001,935 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk [2012.05.23 10:34:01 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.17 09:19:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.09.20 21:13:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\{CE2EE4B6-4EE3-456B-A851-2F4B01E978E5} [2011.03.01 10:16:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\SoIds.ini [2011.03.01 10:13:07 | 000,000,041 | ---- | C] () -- C:\WINDOWS\souser.ini [2011.02.20 13:40:56 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.02.17 20:55:33 | 000,038,469 | ---- | C] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR [2011.01.26 09:42:20 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CmdFile.INI [2011.01.17 15:12:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI [2010.08.24 12:00:16 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\CoUninstall.dll [2010.08.24 11:35:45 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010.08.24 11:24:39 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\camera.ini [2010.07.07 13:37:54 | 000,155,700 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.DLL ========== LOP Check ========== [2008.05.05 15:56:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Lenovo [2008.05.07 11:18:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\administrator\Anwendungsdaten\Lenovo [2008.05.07 11:18:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\administrator\Anwendungsdaten\Teleca [2012.06.02 15:15:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canon IJ Network Tool [2012.06.02 15:03:05 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.06.02 15:27:59 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonEPP [2012.06.02 15:27:59 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX2 [2012.06.02 15:14:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJFAX [2012.06.02 15:27:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter [2012.06.02 16:00:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM [2012.06.02 15:28:06 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenuEX [2012.06.02 15:09:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJWSpt [2010.04.13 11:54:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canopus [2012.05.20 12:06:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular [2010.02.27 11:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Grass Valley [2011.03.31 13:40:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lenovo [2008.05.05 13:09:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle [2008.05.05 13:06:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SmartSound Software Inc [2008.05.06 15:43:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Teleca [2008.04.30 13:00:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UIB [2010.02.12 11:12:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\vsosdk [2011.06.09 21:12:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2012.02.09 10:50:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\.oit [2010.01.10 18:24:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AnvSoft [2010.05.07 09:37:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AudioMoves [2010.01.10 19:20:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\avidemux [2012.06.02 15:27:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canon [2010.04.13 09:43:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canopus [2010.04.02 20:42:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Digiarty [2011.11.07 21:57:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular [2008.05.18 17:05:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Haenlein-Software [2011.06.30 21:34:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Imaxel [2008.05.05 21:08:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\K9 [2011.03.31 13:50:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Lenovo [2010.05.07 09:01:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mp3tag [2008.05.05 15:20:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\OfficeUpdate12 [2010.02.25 11:50:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\proDAD [2009.12.22 18:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\ProtectDisc [2011.04.20 11:12:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\SOGroupWiseLink [2010.01.22 16:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\TeamViewer [2008.05.07 08:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Teleca [2010.02.12 12:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Vso [2011.08.12 10:11:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\XMedia Recode [2012.06.23 10:16:19 | 000,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.02.09 10:50:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\.oit [2008.05.08 09:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Adobe [2008.09.21 17:31:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AdobeUM [2010.01.10 18:24:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AnvSoft [2012.01.01 20:14:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Apple Computer [2010.05.07 09:37:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AudioMoves [2010.01.10 19:20:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\avidemux [2012.06.02 15:27:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canon [2010.04.13 09:43:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canopus [2012.06.22 08:17:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Corel [2010.04.02 20:42:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Digiarty [2012.02.16 12:13:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\dvdcss [2011.11.07 21:57:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular [2011.02.08 13:38:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Google [2008.05.18 17:05:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Haenlein-Software [2008.06.24 12:55:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Help [2008.04.30 16:36:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Identities [2011.06.30 21:34:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Imaxel [2008.05.07 09:42:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\InstallShield [2008.05.05 21:08:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\K9 [2011.03.31 13:50:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Lenovo [2008.05.07 09:46:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Logitech [2010.06.23 09:24:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Macromedia [2012.05.04 18:35:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Malwarebytes [2011.11.10 13:48:25 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Microsoft [2008.05.28 21:01:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla [2010.05.07 09:01:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mp3tag [2008.05.05 15:20:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\OfficeUpdate12 [2010.02.25 11:50:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\proDAD [2009.12.22 18:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\ProtectDisc [2008.05.21 13:12:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Real [2011.12.07 15:31:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Skype [2011.12.07 09:29:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\skypePM [2011.04.20 11:12:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\SOGroupWiseLink [2008.05.06 15:43:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Sony Ericsson [2008.05.18 19:49:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Sun [2010.01.22 16:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\TeamViewer [2008.05.07 08:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Teleca [2009.10.13 08:23:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3 [2012.06.13 11:42:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\vlc [2010.02.12 12:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Vso [2010.07.24 14:36:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\WinRAR [2011.08.12 10:11:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\XMedia Recode < %APPDATA%\*.exe /s > [2010.02.12 10:23:20 | 000,087,608 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\inst.exe [2008.08.19 08:38:28 | 015,919,168 | ---- | M] (Adobe Systems Inc ) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Adobe\Acrobat\6.0\Updater\Ac60PrP1.exe [2012.05.20 12:06:15 | 006,220,536 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\install_eur11.exe [2012.05.20 12:06:34 | 005,924,512 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\install_gst11.exe [2012.05.20 12:06:52 | 005,358,992 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\install_ust11.exe [2012.02.09 19:40:01 | 004,939,152 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\install_ustva12.exe [2012.05.20 12:07:08 | 004,782,000 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_dfv_10_7094_8623.exe [2012.05.20 12:07:25 | 004,780,824 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_dfv_11_7094_8623.exe [2012.05.20 12:07:44 | 004,882,440 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_eur_09_7094_8623.exe [2012.05.20 12:08:03 | 004,892,792 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_eur_10_7094_8623.exe [2012.05.20 12:09:21 | 004,809,616 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_gstz_09_7094_8623.exe [2012.05.20 12:09:40 | 004,810,128 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_gstz_10_7094_8623.exe [2012.05.20 12:08:31 | 004,817,040 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_gst_09_7094_8623.exe [2012.05.20 12:08:54 | 004,813,680 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_gst_10_7094_8623.exe [2012.05.20 12:09:58 | 004,798,488 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_lsta_10_7094_8623.exe [2012.05.20 12:10:15 | 004,799,024 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_lsta_11_7094_8623.exe [2012.05.20 12:10:33 | 004,863,224 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_lstb_10_7094_8623.exe [2012.05.20 12:10:53 | 004,874,792 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_lstb_11_7094_8623.exe [2012.05.20 12:11:14 | 005,208,440 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_par34a_09_7094_8623.exe [2012.05.20 12:11:35 | 005,211,920 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_par34a_10_7094_8623.exe [2012.02.09 19:49:32 | 012,718,200 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_pica_0_7094_8086.exe [2012.05.20 12:05:36 | 007,941,880 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_pica_0_8086_8623.exe [2012.05.20 12:12:30 | 004,812,784 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ustva_10_7094_8623.exe [2012.05.20 12:12:49 | 004,832,384 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ustva_11_7094_8623.exe [2012.05.20 12:13:08 | 004,729,800 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ustva_12_8086_8623.exe [2012.05.20 12:11:54 | 004,835,224 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ust_09_7094_8623.exe [2012.05.20 12:12:13 | 004,846,696 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ust_10_7094_8623.exe [2011.11.07 21:49:29 | 011,250,312 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\update\ElsterFormular_update-12_3_2_6814u.exe [2010.04.12 19:26:19 | 000,029,184 | R--- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe [2010.12.15 14:40:11 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe [2008.05.28 21:09:09 | 018,878,872 | ---- | M] (TomTom International B.V.) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\TomTom\HOME\Profiles\0i55q4cq.default\Updates\v2_3_1_92_win.exe [2009.05.27 09:48:09 | 019,165,248 | ---- | M] (TomTom International B.V.) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\TomTom\HOME\Profiles\0i55q4cq.default\Updates\v2_6_2_1586_win.exe [2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3\1738311B2CC3658F\cleanup.exe [2008.05.02 10:41:48 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3\1738311B2CC3658F\Launchpad Removal.exe [2008.05.04 16:02:26 | 004,603,904 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3\1738311B2CC3658F\LaunchPad.exe [2007.10.23 09:44:48 | 000,054,584 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3\1738311B2CC3658F\U3AccessGrant.exe < %SYSTEMDRIVE%\*.exe > [2007.02.08 23:42:28 | 000,024,064 | ---- | M] () -- C:\fat32format.exe < MD5 for: AGP440.SYS > [2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2009.05.20 08:38:45 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2009.05.20 08:38:45 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2009.05.20 08:38:45 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2009.05.20 08:38:45 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll [2007.08.14 15:57:16 | 000,033,280 | ---- | M] (UPEK Inc.) MD5=0E7DFE44AAA02A1F523CD4180A443C30 -- C:\Programme\ThinkVantage Fingerprint Software\eventlog.dll [2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: NETLOGON.DLL > [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll [2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll [2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll < MD5 for: USER32.DLL > [2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.04.30 17:36:53 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2008.04.30 17:36:53 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2008.04.30 17:36:53 | 000,458,752 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > < End of report > [/code] Und hier das Log nach dem Custom Scan OTL Logfile: Code:
ATTFilter OTL logfile created on: 23.06.12 10:39:37 - Run 2 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Dokumente und Einstellungen\******-M\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yy 3,00 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 75,39% Memory free 4,84 Gb Paging File | 3,84 Gb Available in Paging File | 79,43% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 48,83 Gb Total Space | 7,21 Gb Free Space | 14,76% Space Free | Partition Type: NTFS Drive D: | 100,22 Gb Total Space | 26,12 Gb Free Space | 26,07% Space Free | Partition Type: NTFS Computer Name: MG-107315 | User Name: ******-M | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\******-M\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\Canon\Solution Menu EX\CNSEUPDT.EXE (CANON INC.) PRC - C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) PRC - C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) PRC - C:\Programme\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) PRC - C:\Programme\Pc Camera\3288.exe (Microsoft) PRC - C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited) PRC - C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited) PRC - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab) PRC - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe () PRC - C:\WINDOWS\Runservice.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Client Security Solution\password_manager.exe (Lenovo Group Limited) PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) PRC - C:\Programme\ThinkPad\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) PRC - C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab) PRC - C:\WINDOWS\system32\PSIService.exe () PRC - C:\WINDOWS\system32\TpKmpSvc.exe () PRC - C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc) PRC - C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.) PRC - C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) PRC - C:\WINDOWS\system32\nwtray.exe (Novell, Inc.) ========== Modules (No Company Name) ========== MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\WINDOWS\system32\nview.dll () MOD - C:\WINDOWS\system32\nvshell.dll () MOD - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe () MOD - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\K2NPROXY.dll () MOD - C:\WINDOWS\mmfs.dll () MOD - C:\WINDOWS\Runservice.exe () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\Programme\ThinkPad\Utilities\PWRMGRIF.DLL () MOD - C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL () MOD - C:\WINDOWS\system32\btwicons.dll () MOD - C:\WINDOWS\system32\PSIService.exe () MOD - C:\WINDOWS\system32\TpKmpSvc.exe () MOD - C:\WINDOWS\system32\nwshlxnt.dll () MOD - C:\WINDOWS\system32\nls\DEUTSCH\nwshlxnr.dll () MOD - C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\libeay32.dll () MOD - C:\Programme\Adobe\Acrobat 6.0\Distillr\AdistRes.DEU () MOD - C:\WINDOWS\system32\HPBHEALR.DLL () ========== Win32 Services (SafeList) ========== SRV - (jsenujoft) -- C:\WINDOWS\system32\zxjaux.dll File not found SRV - (bxlst) -- C:\WINDOWS\system32\zxjaux.dll File not found SRV - (bpsyorcy) -- C:\WINDOWS\system32\zxjaux.dll File not found SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (TPHKLOAD) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) SRV - (LENOVO.MICMUTE) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) SRV - (SUService) -- C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited) SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab) SRV - (LicCtrlService) -- C:\WINDOWS\Runservice.exe () SRV - (Macromedia Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe () SRV - (TVT Scheduler) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) SRV - (klnagent) -- C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab) SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe () SRV - (cusrvc) -- C:\WINDOWS\system32\cusrvc.exe (Novell, Inc.) SRV - (TpKmpSVC) -- C:\WINDOWS\system32\TpKmpSvc.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (lenovo.smi) -- C:\WINDOWS\system32\drivers\smiif32.sys (Lenovo Group Limited) DRV - (usbcamcl) -- C:\WINDOWS\system32\drivers\usbcamcl.sys (usb camera) DRV - (TSP) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab) DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab) DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (cdrblock) -- C:\WINDOWS\system32\drivers\cdrblock.sys (Canopus Co,. Ltd.) DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab) DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications) DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.) DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS () DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.) DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.) DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.) DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.) DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.) DRV - (zebrsce) -- C:\WINDOWS\system32\drivers\zebrsce.sys (MCCI) DRV - (zebrmdmc) Sony Ericsson mRouter Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdmc.sys (MCCI) DRV - (zebrmdm) Sony Ericsson Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdm.sys (MCCI) DRV - (zebrmdfl) -- C:\WINDOWS\system32\drivers\zebrmdfl.sys (MCCI Corporation) DRV - (zebrbus) -- C:\WINDOWS\system32\drivers\zebrbus.sys (MCCI) DRV - (zebrceb) Sony Ericsson Cable Emulation Bus (WDM) -- C:\WINDOWS\system32\drivers\zebrceb.sys (MCCI) DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab) DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.) DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC) DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC) DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC) DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.) DRV - (NetwareWorkstation) -- C:\WINDOWS\system32\NetWare\nwfs.sys (Novell, Inc.) DRV - (NWDNS) -- C:\WINDOWS\system32\NetWare\nwdns.sys (Novell, Inc.) DRV - (SRVLOC) -- C:\WINDOWS\system32\NetWare\srvloc.sys (Novell, Inc.) DRV - (NICM) -- C:\WINDOWS\system32\drivers\nicm.sys (Novell, Inc.) DRV - (NWDHCP) -- C:\WINDOWS\system32\NetWare\nwdhcp.sys (Novell, Inc.) DRV - (NWSIPX32) -- C:\WINDOWS\system32\NetWare\nwsipx32.sys (Novell, Inc.) DRV - (NWHOST) -- C:\WINDOWS\system32\NetWare\nwhost.sys (Novell, Inc.) DRV - (NWSNS) -- C:\WINDOWS\system32\NetWare\nwsns.sys (Novell, Inc.) DRV - (NWFILTER) -- C:\WINDOWS\system32\NetWare\nwfilter.sys (Novell, Inc.) DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH) DRV - (NWSLP) -- C:\WINDOWS\system32\NetWare\nwslp.sys (Novell, Inc.) DRV - (RESMGR) -- C:\WINDOWS\system32\NetWare\resmgr.sys (Novell, Inc.) DRV - (ASAPIW2k) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (Pinnacle Systems GmbH) DRV - (NWSAP) -- C:\WINDOWS\system32\NetWare\nwsap.sys () DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ds-technologie.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 51 BA 3B 0B 7C CA 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {6221EBD2-4870-4CC4-9778-E6576CED9E43} IE - HKCU\..\SearchScopes\{6221EBD2-4870-4CC4-9778-E6576CED9E43}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIT_de IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = mg-proxy:8080 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442 FF - prefs.js..network.proxy.backup.ftp: "mg-proxy" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "mg-proxy" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "mg-proxy" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "mg-proxy" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "mg-proxy" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "mg-proxy" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "mg-proxy" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.socks: "mg-proxy" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "mg-proxy" FF - prefs.js..network.proxy.ssl_port: 8080 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.19 11:10:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.03.19 11:10:08 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Programme\Lenovo\Client Security Solution\PWM Firefox Extension [2008.05.07 16:08:41 | 000,000,000 | ---D | M] [2009.04.16 13:11:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Mozilla\Extensions [2008.05.28 21:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2012.05.08 09:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions [2011.06.29 10:18:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.03.19 11:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.12.07 09:31:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.03.13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2011.10.24 00:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Programme\mozilla firefox\plugins\npdjvu.dll [2003.09.04 14:37:44 | 000,892,928 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\NPSWF32.dll [2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdjvu.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - File not found O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - File not found O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - File not found O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - File not found O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - File not found O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - File not found O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found O4 - HKLM..\Run: [3288] C:\Programme\Pc Camera\3288.exe (Microsoft) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL () O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) O4 - HKLM..\Run: [iPCCheck] C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) O4 - HKLM..\Run: [LPMailChecker] C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NexusServer] C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.) O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe () O4 - HKLM..\Run: [PSQLLauncher] C:\Programme\ThinkVantage Fingerprint Software\launcher.exe (UPEK Inc.) O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (Lenovo) O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) O4 - HKCU..\Run: [iecfgRpl] rundll32.exe "C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\iecfgRpl\SecurityMapServ.dll", appMapTrust msWebnt5 File not found O4 - HKCU..\Run: [SkypePM] C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Skype\SkypePM.exe File not found O4 - HKCU..\Run: [TomTomHOME.exe] "C:\Programme\TomTom HOME 2\HOMERunner.exe" File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm () O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office2003\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Save page in SuperOffice - C:\Programme\SuperOffice\SoIeExtensions.dll (SuperOffice AS) O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Programme\Free Download Manager\dlfvideo.htm () O9 - Extra Button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: SuperOror - {CC88D81F-6166-4F46-AC89-B75CD9CEB292} - Reg Error: Key error. File not found O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} https://photoservice.fujicolor.de/ips-opdata/objects/jordan-canvasx.cab (JordanUploader Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209556674671 (WUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = starrag.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{007E9E8C-277D-49B5-8454-B8FE8ED9DCD8}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\adialhk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\WINDOWS\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20 - Winlogon\Notify\psfus: DllName - (C:\WINDOWS\system32\psqlpwd.dll) - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.04.30 15:52:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0074100d-2ce7-11dd-ab94-001e4cdace2a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell - "" = AutoRun O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{8a22bd91-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\StartPortableApps.exe O33 - MountPoints2\{8a22bdf9-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\pstart.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.06.19 14:46:37 | 000,000,000 | ---D | C] -- C:\StarragHeckert [2012.06.19 14:46:16 | 000,000,000 | ---D | C] -- C:\VDW Kommunikationsausschuss [2012.06.14 19:10:25 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll [2012.06.11 09:16:49 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012.06.10 13:38:57 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\******-M\Desktop\TDSSKiller.exe [2012.06.10 13:19:37 | 000,000,000 | ---D | C] -- C:\_OTL [2012.06.10 13:16:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******-M\Desktop\OTL.exe [2012.06.09 15:46:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.06.08 10:53:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******-M\Startmenü\Programme\Google Chrome [2012.06.08 10:48:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Deployment [2012.06.04 14:28:33 | 000,000,000 | ---D | C] -- C:\IMTS 2012 [2012.06.02 15:28:06 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenuEX [2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX2 [2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonEPP [2012.06.02 15:27:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Canon [2012.06.02 15:27:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter [2012.06.02 15:17:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM [2012.06.02 15:15:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canon IJ Network Tool [2012.06.02 15:14:16 | 000,337,920 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZC.dll [2012.06.02 15:14:16 | 000,122,880 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZU.dll [2012.06.02 15:14:16 | 000,107,520 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZI.dll [2012.06.02 15:14:15 | 000,424,448 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZL.dll [2012.06.02 15:14:15 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll [2012.06.02 15:14:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\medias [2012.06.02 15:14:04 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJFAX [2012.06.02 15:12:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Benutzerregistrierung [2012.06.02 15:09:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\CANON [2012.06.02 15:09:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJWSpt [2012.06.02 15:05:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon Utilities [2012.06.02 15:04:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Manual [2012.06.02 15:03:08 | 000,257,536 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCALAZ.DLL [2012.06.02 15:03:05 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.06.02 15:02:51 | 000,311,296 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMAZ.DLL [2012.06.02 15:02:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information [2012.06.02 15:02:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series [2012.06.02 15:02:27 | 000,184,832 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIUAZ.DLL [2012.06.02 15:02:01 | 000,000,000 | -H-D | C] -- C:\Programme\CanonBJ [2012.06.02 15:01:30 | 000,363,520 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPPM.DLL [2012.06.02 15:01:30 | 000,035,840 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPUI.DLL [2012.06.02 15:01:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING ========== Files - Modified Within 30 Days ========== [2012.06.23 10:38:31 | 272,100,896 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2012.06.23 10:28:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.06.23 10:26:04 | 010,434,080 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2012.06.23 10:16:37 | 000,168,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001 [2012.06.23 10:16:26 | 000,185,449 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012.06.23 10:16:19 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2012.06.23 10:15:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.06.23 10:15:45 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.06.23 10:15:37 | 000,001,977 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys [2012.06.23 10:15:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.06.23 10:15:09 | 3219,435,520 | -HS- | M] () -- C:\hiberfil.sys [2012.06.22 22:41:32 | 003,659,660 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2012.06.22 22:41:32 | 000,991,676 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2012.06.22 21:54:00 | 000,001,230 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job [2012.06.22 20:16:49 | 000,000,184 | ---- | M] () -- C:\WINDOWS\hpbafd.ini [2012.06.22 11:39:36 | 000,168,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat [2012.06.22 10:54:00 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job [2012.06.22 08:17:29 | 000,001,004 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2012.06.20 13:27:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2012.06.18 11:12:05 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012.06.15 09:27:27 | 000,001,168 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Calendar.lnk [2012.06.15 08:13:28 | 000,444,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.06.14 23:13:09 | 000,453,030 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.06.14 23:13:09 | 000,436,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.06.14 23:13:09 | 000,081,810 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.06.14 23:13:09 | 000,068,976 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.06.14 23:08:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.06.14 13:50:47 | 000,008,790 | RHS- | M] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol [2012.06.10 13:18:24 | 002,108,959 | ---- | M] () -- C:\Dokumente und Einstellungen\******-M\Desktop\tdsskiller.zip [2012.06.10 13:16:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******-M\Desktop\OTL.exe [2012.06.02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll [2012.06.02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll [2012.06.02 15:19:38 | 000,219,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl [2012.06.02 15:19:38 | 000,210,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll [2012.06.02 15:19:38 | 000,015,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2012.06.02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll [2012.06.02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll [2012.06.02 15:19:34 | 000,053,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe [2012.06.02 15:19:34 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll [2012.06.02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll [2012.06.02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll [2012.06.02 15:19:28 | 000,023,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui [2012.06.02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll [2012.06.02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll [2012.06.02 15:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll [2012.06.02 15:18:58 | 000,275,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2012.06.02 15:18:58 | 000,018,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2012.06.02 15:09:09 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk [2012.06.02 15:04:40 | 000,001,935 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk [2012.05.31 15:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll ========== Files Created - No Company Name ========== [2012.06.15 09:27:27 | 000,001,168 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Calendar.lnk [2012.06.10 13:18:17 | 002,108,959 | ---- | C] () -- C:\Dokumente und Einstellungen\******-M\Desktop\tdsskiller.zip [2012.06.10 13:08:47 | 3219,435,520 | -HS- | C] () -- C:\hiberfil.sys [2012.06.08 10:49:47 | 000,001,230 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job [2012.06.08 10:49:46 | 000,001,178 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job [2012.06.02 15:14:15 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CNC175ED.TBL [2012.06.02 15:09:09 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk [2012.06.02 15:04:40 | 000,001,935 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk [2012.05.23 10:34:01 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.17 09:19:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.09.20 21:13:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\{CE2EE4B6-4EE3-456B-A851-2F4B01E978E5} [2011.03.01 10:16:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\SoIds.ini [2011.03.01 10:13:07 | 000,000,041 | ---- | C] () -- C:\WINDOWS\souser.ini [2011.02.20 13:40:56 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.02.17 20:55:33 | 000,038,469 | ---- | C] () -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR [2011.01.26 09:42:20 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CmdFile.INI [2011.01.17 15:12:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI [2010.08.24 12:00:16 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\CoUninstall.dll [2010.08.24 11:35:45 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010.08.24 11:24:39 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\camera.ini [2010.07.07 13:37:54 | 000,155,700 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.DLL < End of report > [/code] Tausend Dank für Deine Hilfe. Greets Robee |
|
10.07.2012, 12:53
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google Ergebnisse, Weiterleitung auf falsche Seiten adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.07.2012, 19:09
| #15 |
| | Google Ergebnisse, Weiterleitung auf falsche Seiten Hallo Arne, anbei die TXT Datei Code:
ATTFilter # AdwCleaner v1.701 - Logfile created 07/10/2012 at 20:04:17
# Updated 02/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User :******-M - MG-107315
# Running from : C:\Dokumente und Einstellungen\******-M\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Found : HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Conduit
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\CLSID\{38EE5CEE-4B62-11D3-854F-00A0C9C898E7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8D670533-270B-4549-B19B-414FB9C6EBDB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [1049 octets] - [10/07/2012 20:04:17]
########## EOF - C:\AdwCleaner[R1].txt - [1177 octets] ##########
|
|
| Themen zu Google Ergebnisse, Weiterleitung auf falsche Seiten |
| 32 bit, 5 minuten, adobe, any video converter, bho, bonjour, canon, computernetzwerk, device driver, document, downloader, einstellungen, enigma, error, excel, explorer, firefox, format, free download, google, google earth, gruppe, helper, installation, intranet, jdownloader, kaspersky, langs, lenovo, logfile, microsoft office 2003, monitor, plug-in, problem, registry, richtlinie, rundll, scan, searchscopes, security, seiten, senden, software, u.s./worldwide, usb, version=1.0, windows internet |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
