| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: chatZum und searchsafer.com unerwünscht von softonicWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.09.2012, 12:05
| #31 |
 |  chatZum und searchsafer.com unerwünscht von softonic Hier die Ergebnisse mit aktuellem OTL OTL Logfile: Code:
ATTFilter OTL logfile created on: 29.09.2012 12:46:18 - Run 8
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Dokumente und Einstellungen\xxx\Desktop\Trojaner-bord
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,37 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 79,39% Memory free
5,21 Gb Paging File | 4,68 Gb Available in Paging File | 89,80% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Programme
Drive C: | 5,86 Gb Total Space | 5,74 Gb Free Space | 97,92% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 263,59 Gb Free Space | 89,97% Space Free | Partition Type: NTFS
Drive E: | 632,67 Gb Total Space | 296,76 Gb Free Space | 46,91% Space Free | Partition Type: NTFS
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.29 12:42:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Dokumente und Einstellungen\xxx\Desktop\Trojaner-bord\02_OTL.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.08 17:10:49 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 19:18:21 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 19:18:21 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 19:18:21 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.01.18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- D:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.09.20 21:50:32 | 003,196,800 | ---- | M] (Super Flexible Software Ltd. & Co. KG) -- D:\Programme\SuperFlexible\ExtremeVSS.exe
PRC - [2010.01.09 11:30:26 | 002,326,920 | ---- | M] (Acronis) -- D:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
PRC - [2009.09.12 19:09:48 | 000,357,800 | ---- | M] (Acronis) -- D:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
PRC - [2009.09.12 19:09:44 | 000,660,936 | ---- | M] (Acronis) -- D:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
PRC - [2009.09.12 19:09:14 | 005,082,488 | ---- | M] (Acronis) -- D:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008.12.18 11:47:08 | 009,158,656 | ---- | M] (Microsoft Corporation) -- D:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- D:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.04.14 08:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2007.02.02 13:07:32 | 000,675,840 | ---- | M] (Sonix) -- D:\WINDOWS\vsnp2std.exe
PRC - [2006.01.19 10:22:20 | 000,049,152 | ---- | M] (Pinnacle Systems) -- D:\Programme\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
PRC - [2005.01.31 10:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- D:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004.04.06 20:35:10 | 000,929,904 | ---- | M] (Ahead Software AG) -- D:\Programme\Ahead\InCD\incdsrv.exe
PRC - [2004.04.06 19:36:14 | 001,298,542 | ---- | M] (Ahead Software AG) -- D:\Programme\Ahead\InCD\InCD.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.06.14 16:15:15 | 011,817,472 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.06.14 15:26:19 | 012,433,920 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.14 15:26:05 | 001,592,320 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.13 22:54:01 | 000,303,104 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.05.08 22:10:26 | 005,450,752 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.08 22:07:58 | 007,953,408 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.08 22:07:46 | 011,492,352 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.05.08 19:18:21 | 000,398,288 | ---- | M] () -- D:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.01.11 21:29:36 | 003,391,488 | ---- | M] () -- d:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ac191f8a\mscorlib.dll
MOD - [2012.01.11 21:29:25 | 002,088,960 | ---- | M] () -- d:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_41954a2b\system.xml.dll
MOD - [2012.01.11 21:28:54 | 001,966,080 | ---- | M] () -- d:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_568b4a66\system.dll
MOD - [2012.01.11 21:28:34 | 001,232,896 | ---- | M] () -- d:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2010.11.25 20:18:23 | 000,126,976 | ---- | M] () -- d:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll
MOD - [2010.11.25 20:18:22 | 001,294,336 | ---- | M] () -- d:\windows\assembly\gac\system.data\1.0.5000.0__b77a5c561934e089\system.data.dll
MOD - [2010.11.25 20:18:18 | 001,339,392 | ---- | M] () -- d:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010.11.25 20:18:17 | 000,323,584 | ---- | M] () -- d:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2010.11.25 20:18:11 | 000,131,072 | ---- | M] () -- d:\windows\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll
MOD - [2010.11.25 20:18:10 | 000,241,664 | ---- | M] () -- d:\windows\assembly\gac\system.enterpriseservices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.dll
MOD - [2010.11.25 20:18:10 | 000,066,560 | ---- | M] () -- d:\windows\assembly\gac\system.enterpriseservices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.thunk.dll
MOD - [2010.11.25 20:16:54 | 000,233,472 | ---- | M] () -- d:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.25 20:16:53 | 000,114,688 | ---- | M] () -- d:\windows\assembly\gac\system.xml.resources\1.0.5000.0_de_b77a5c561934e089\system.xml.resources.dll
MOD - [2010.11.25 20:16:53 | 000,040,960 | ---- | M] () -- d:\windows\assembly\gac\system.serviceprocess.resources\1.0.5000.0_de_b03f5f7f11d50a3a\system.serviceprocess.resources.dll
MOD - [2009.12.13 20:19:15 | 001,679,360 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3009.39983__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.12.13 20:19:15 | 000,483,328 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3009.40202__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.12.13 20:19:15 | 000,253,952 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3009.39941__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:15 | 000,196,608 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3009.39997__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.12.13 20:19:15 | 000,135,168 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3009.40208__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:15 | 000,102,400 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3009.39990__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:15 | 000,077,824 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3009.40172__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:15 | 000,073,728 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3009.39955__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:15 | 000,065,536 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3009.40135__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:15 | 000,040,960 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3009.39975__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.12.13 20:19:15 | 000,036,864 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3009.40094__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:15 | 000,028,672 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3009.39990__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:15 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3009.39962__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:14 | 000,802,816 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3009.40102__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:14 | 000,401,408 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3009.40163__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.12.13 20:19:14 | 000,352,256 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3009.40143__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:14 | 000,090,112 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3009.40149__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.12.13 20:19:14 | 000,073,728 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3009.40102__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:14 | 000,061,440 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3009.40142__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:13 | 000,585,728 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3009.40010__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:13 | 000,479,232 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3009.40095__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:13 | 000,442,368 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3009.40089__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:13 | 000,438,272 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3009.39963__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:13 | 000,217,088 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3009.40004__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:13 | 000,118,784 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3009.40116__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.12.13 20:19:13 | 000,061,440 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3009.40094__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:13 | 000,040,960 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3009.40016__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:13 | 000,040,960 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3009.40101__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:13 | 000,036,864 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3009.40115__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:13 | 000,032,768 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3009.40128__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.12.13 20:19:13 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.12.13 20:19:13 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.12.13 20:19:13 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.12.13 20:19:13 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.12.13 20:19:13 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.12.13 20:19:13 | 000,006,656 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.12.13 20:19:12 | 000,065,536 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,053,248 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.12.13 20:19:12 | 000,053,248 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,053,248 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,053,248 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,049,152 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,045,056 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.12.13 20:19:12 | 000,045,056 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,040,960 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,040,960 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,032,768 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.12.13 20:19:12 | 000,032,768 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,028,672 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.12.13 20:19:12 | 000,028,672 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,028,672 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,024,576 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.12.13 20:19:12 | 000,024,576 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.12.13 20:19:12 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.12.13 20:19:12 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.12.13 20:19:12 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.12.13 20:19:12 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.12.13 20:19:12 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.12.13 20:19:12 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.12.13 20:19:12 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.12.13 20:19:11 | 000,491,520 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3009.39969__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.12.13 20:19:11 | 000,413,696 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3009.40186__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.12.13 20:19:11 | 000,102,400 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3009.40194__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.12.13 20:19:11 | 000,073,728 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3009.39933__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.12.13 20:19:11 | 000,061,440 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3009.40193__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.12.13 20:19:11 | 000,045,056 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.12.13 20:19:11 | 000,040,960 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.12.13 20:19:11 | 000,040,960 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3009.40217__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.12.13 20:19:11 | 000,032,768 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.12.13 20:19:11 | 000,024,576 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.12.13 20:19:11 | 000,024,576 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.12.13 20:19:11 | 000,024,576 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2009.12.13 20:19:11 | 000,024,576 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.12.13 20:19:11 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.12.13 20:19:11 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.12.13 20:19:11 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.12.13 20:19:11 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009.12.13 20:19:11 | 000,016,384 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.12.13 20:19:11 | 000,011,264 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3009.40228__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009.12.13 20:19:11 | 000,006,656 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3009.39933__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.12.13 20:19:10 | 001,507,328 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3009.39949__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.12.13 20:19:10 | 000,065,536 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3009.39934__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.12.13 20:19:10 | 000,053,248 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3009.39931__90ba9c70f846762e\APM.Server.dll
MOD - [2009.12.13 20:19:10 | 000,045,056 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3009.39932__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.12.13 20:19:10 | 000,040,960 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.12.13 20:19:10 | 000,032,768 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3009.40194__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.12.13 20:19:10 | 000,032,768 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.12.13 20:19:10 | 000,020,480 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2001.10.28 18:42:30 | 000,116,224 | ---- | M] () -- D:\WINDOWS\system32\pdfcmnnt.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- D:\Programme\a-squared Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012.09.20 15:51:53 | 001,737,728 | ---- | M] (Lavasoft Limited ) [Auto | Stopped] -- D:\Programme\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012.09.09 09:44:45 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- D:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.08 19:18:21 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 19:18:21 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.09.20 21:50:32 | 003,196,800 | ---- | M] (Super Flexible Software Ltd. & Co. KG) [Auto | Running] -- D:\Programme\SuperFlexible\ExtremeVSS.exe -- (ExtremeVSSService)
SRV - [2010.01.09 11:30:26 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- D:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009.12.01 20:43:02 | 000,051,384 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- D:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009.09.12 19:09:44 | 000,660,936 | ---- | M] (Acronis) [Auto | Running] -- D:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008.12.18 11:47:08 | 009,158,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- D:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006.01.19 10:22:20 | 000,049,152 | ---- | M] (Pinnacle Systems) [Auto | Running] -- D:\Programme\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe -- (PinnacleSys.MediaServer)
SRV - [2005.05.03 22:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS)
SRV - [2005.01.31 10:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- D:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- D:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.04.06 20:35:10 | 000,929,904 | ---- | M] (Ahead Software AG) [Auto | Running] -- D:\Programme\Ahead\InCD\incdsrv.exe -- (InCDsrv)
SRV - [2003.07.28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.05.08 19:18:21 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 19:18:21 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.06 19:35:12 | 000,020,645 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\IwUSB.sys -- (IwUSB)
DRV - [2011.09.25 19:05:25 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2011.02.04 16:27:14 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010.07.12 10:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.01.09 11:30:28 | 000,159,168 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2010.01.09 11:30:24 | 000,902,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\tdrpm251.sys -- (tdrpman251)
DRV - [2010.01.09 11:30:22 | 000,570,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2010.01.09 11:30:17 | 000,157,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2009.10.27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2009.06.30 11:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008.04.17 10:33:00 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.03.29 08:21:53 | 002,873,856 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.11.20 13:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007.04.16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007.02.02 11:24:54 | 012,027,904 | ---- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2005.06.02 20:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.02.23 18:40:26 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K)
DRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2004.06.11 02:00:00 | 000,016,384 | R--- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\avmunet.sys -- (AVMUNET)
DRV - [2004.04.06 20:43:22 | 000,005,504 | ---- | M] (Ahead Software AG) [Recognizer | System | Unknown] -- D:\WINDOWS\System32\drivers\incdrec.sys -- (InCDrec)
DRV - [2004.04.06 20:40:10 | 000,025,600 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\incdpass.sys -- (InCDPass)
DRV - [2004.04.06 20:39:20 | 000,089,472 | ---- | M] (Ahead Software AG) [File_System | Disabled | Running] -- D:\WINDOWS\System32\drivers\incdfs.sys -- (InCDfs)
DRV - [2003.12.05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.08.21 16:56:36 | 000,025,520 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\incdrm.sys -- (incdrm)
DRV - [2001.08.17 14:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\SearchScopes\{0C522CCA-D14D-4577-ABE8-9C7D6FC84ADF}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\SearchScopes\{BCF135C2-2F38-4FD7-9514-BB49CDA64A58}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.53
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.53.29
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.114
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.0.0.10201
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledItems: mail@shopping-preise.de:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..keyword.URL: "hxxp://utils.chatzum.com/?url="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: D:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: D:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: D:\Programme\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: D:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: D:\Programme\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: D:\Programme\CheckPoint\ZAForceField\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.09.09 09:44:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2012.09.22 12:18:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@shopping-preise.de: D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\mail@shopping-preise.de [2012.04.15 11:18:05 | 000,000,000 | ---D | M]
[2011.07.17 12:10:54 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Extensions
[2011.07.17 12:10:54 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Extensions\ideskbrowser@haufe.de
[2012.09.15 17:26:15 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions
[2010.04.28 09:07:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.07.27 19:29:36 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.07.19 19:29:13 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2009.12.14 18:54:55 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2012.04.15 11:18:05 | 000,000,000 | ---D | M] (Shopping-preise.de) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\mail@shopping-preise.de
[2012.07.27 17:53:42 | 000,741,958 | ---- | M] () (No name found) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.28 16:45:01 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\extensions
[2012.09.11 21:25:47 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.09 09:44:37 | 000,000,000 | ---D | M] (Java Console) -- D:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.28 16:45:01 | 000,000,000 | ---D | M] (Java Console) -- D:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.09.09 09:44:45 | 000,266,720 | ---- | M] (Mozilla Foundation) -- D:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.17 09:00:11 | 000,001,392 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 06:00:49 | 000,002,465 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.17 09:00:11 | 000,001,153 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.17 09:00:11 | 000,006,805 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 09:00:11 | 000,001,178 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 09:00:11 | 000,001,105 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.10.13 15:36:55 | 000,437,963 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15063 more lines...
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - D:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Programme\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - D:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3 - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Programme\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - D:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] D:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Adobe ARM] D:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] D:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [InCD] D:\Programme\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [ISW] File not found
O4 - HKLM..\Run: [PinnacleDriverCheck] D:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [snp2std] D:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [StartCCC] D:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [tsnp2std] D:\WINDOWS\tsnp2std.exe (SONIX)
O4 - HKU\S-1-5-21-839522115-616249376-2147125571-1004..\Run: [PowerBar] File not found
O4 - HKU\S-1-5-21-839522115-616249376-2147125571-1004..\Run: [SpybotSD TeaTimer] D:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - D:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - D:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - D:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - D:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..Trusted Ranges: Range37 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9965178-8016-4BF4-9F70-9ADF3C5E4286}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: D:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.25 20:09:18 | 000,000,087 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: D:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^McAfee Security Scan.lnk - - File not found
MsConfig - StartUpReg: a-squared - hkey= - key= - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - D:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Photo Downloader - hkey= - key= - D:\Programme\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig - StartUpReg: Aim - hkey= - key= - D:\Programme\AIM\aim.exe (AOL Inc.)
MsConfig - StartUpReg: avgnt - hkey= - key= - D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
MsConfig - StartUpReg: FixCamera - hkey= - key= - D:\WINDOWS\FixCamera.exe ()
MsConfig - StartUpReg: ICQ - hkey= - key= - File not found
MsConfig - StartUpReg: LexwareInfoService - hkey= - key= - D:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
MsConfig - StartUpReg: NeroCheck - hkey= - key= - File not found
MsConfig - StartUpReg: Personal ID - hkey= - key= - D:\coolspot AG\Personal ID\pid.exe (coolspot AG, Düsseldorf)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - D:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: RemoteControl - hkey= - key= - D:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: UVS10 Preload - hkey= - key= - D:\Programme\Ulead Systems\Ulead VideoStudio 10\uvPL.exe (Ulead Systems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - D:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited )
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - D:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited )
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - D:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - D:\WINDOWS\system32\Rundll32.exe D:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - D:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - D:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - D:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "D:\WINDOWS\system32\rundll32.exe" "D:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.dvacm - D:\Programme\Gemeinsame Dateien\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - D:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - D:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - D:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - D:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - D:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - D:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - D:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - D:\WINDOWS\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - pclepim1.dll File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.09.26 21:10:15 | 000,000,000 | ---D | C] -- D:\Programme\Revo_Uninstaller
[2012.09.26 21:10:15 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Revo Uninstaller
[2012.09.20 16:10:20 | 000,000,000 | ---D | C] -- D:\Programme\ESET
[2012.09.15 20:39:23 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\xxx\Desktop\Trojaner-bord
[2012.09.14 15:20:35 | 000,000,000 | -HSD | C] -- D:\WINDOWS\ftpcache
[2012.09.14 15:20:30 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Natura Sound Therapy
[2012.09.14 15:20:28 | 000,000,000 | ---D | C] -- D:\Programme\Natura Sound Therapy
[2012.09.14 15:16:14 | 051,038,360 | ---- | C] (Blissive Software) -- D:\Dokumente und Einstellungen\xxx\Desktop\naturademo.exe
[2012.09.09 09:44:36 | 000,000,000 | ---D | C] -- D:\Programme\Mozilla Firefox
[2012.09.06 14:59:45 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AIM
[2011.09.25 19:06:35 | 000,092,064 | ---- | C] (MCCI) -- D:\Dokumente und Einstellungen\xxx\mqdmmdm.sys
[2011.09.25 19:06:35 | 000,079,328 | ---- | C] (MCCI) -- D:\Dokumente und Einstellungen\xxx\mqdmserd.sys
[2011.09.25 19:06:35 | 000,066,656 | ---- | C] (MCCI) -- D:\Dokumente und Einstellungen\xxx\mqdmbus.sys
[2011.09.25 19:06:35 | 000,009,232 | ---- | C] (MCCI) -- D:\Dokumente und Einstellungen\xxx\mqdmmdfl.sys
[2011.09.25 19:06:35 | 000,006,208 | ---- | C] (MCCI) -- D:\Dokumente und Einstellungen\xxx\mqdmcmnt.sys
[2011.09.25 19:06:35 | 000,005,936 | ---- | C] (MCCI) -- D:\Dokumente und Einstellungen\xxx\mqdmwhnt.sys
[2011.09.25 19:06:35 | 000,004,048 | ---- | C] (MCCI) -- D:\Dokumente und Einstellungen\xxx\mqdmcr.sys
[2010.02.16 10:39:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Dokumente und Einstellungen\xxx\usbsermptxp.sys
[2010.02.16 10:39:05 | 000,022,768 | ---- | C] (Microsoft Corporation) -- D:\Dokumente und Einstellungen\xxx\usbsermpt.sys
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[2 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[1 D:\WINDOWS\System32\drivers\*.tmp files -> D:\WINDOWS\System32\drivers\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.29 11:51:40 | 000,000,484 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.09.29 11:50:53 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012.09.27 15:47:12 | 000,000,064 | ---- | M] () -- D:\WINDOWS\System32\rp_stats.dat
[2012.09.27 15:47:12 | 000,000,044 | ---- | M] () -- D:\WINDOWS\System32\rp_rules.dat
[2012.09.26 22:01:53 | 000,120,320 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.26 21:50:02 | 007,429,305 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Ti_Ka.flv
[2012.09.26 21:10:15 | 000,000,916 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Desktop\Revo Uninstaller.lnk
[2012.09.23 14:15:51 | 041,099,857 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\ryu_sunshine2.flv
[2012.09.23 14:14:40 | 041,091,368 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\ryu_sunshine1.flv
[2012.09.20 15:39:10 | 000,001,374 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012.09.19 22:44:01 | 035,911,087 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\BSimmerrattig.flv
[2012.09.19 22:26:12 | 044,780,502 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\funpaar1807.flv
[2012.09.19 22:25:37 | 012,771,248 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\sgcouple.flv
[2012.09.19 18:56:01 | 000,000,276 | ---- | M] () -- D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.09.19 16:17:53 | 018,679,525 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\nimmersatt_27b.flv
[2012.09.19 16:16:57 | 015,247,979 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\nimmersatt_27a.flv
[2012.09.17 21:07:10 | 063,331,399 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Mrs007b.flv
[2012.09.16 11:04:48 | 000,000,000 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\defogger_reenable
[2012.09.15 16:44:33 | 000,000,762 | ---- | M] () -- D:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.14 18:04:40 | 037,594,397 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Armenius001a.flv
[2012.09.14 18:04:00 | 009,744,973 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Armenius001b.flv
[2012.09.14 17:58:00 | 009,473,881 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\zuzkagee.flv
[2012.09.14 15:20:30 | 000,455,911 | ---- | M] () -- D:\WINDOWS\Natura Sound Therapy Uninstaller.exe
[2012.09.14 15:20:30 | 000,000,732 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Desktop\natura.lnk
[2012.09.14 15:17:51 | 051,038,360 | ---- | M] (Blissive Software) -- D:\Dokumente und Einstellungen\xxx\Desktop\naturademo.exe
[2012.09.14 15:11:53 | 052,790,960 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Mrs007.flv
[2012.09.12 21:48:22 | 000,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2012.09.12 17:06:48 | 046,328,036 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\aahbipaar_andi.flv
[2012.09.09 09:16:51 | 041,320,018 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\MHpaar7886.flv
[2012.09.08 13:13:11 | 000,769,902 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Desktop\tattoos1.png
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2012.09.06 17:36:00 | 000,000,010 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\mbam.context.scan
[2012.09.06 16:38:08 | 000,131,349 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Desktop\image1.jpg
[2012.09.06 15:00:23 | 000,000,936 | -H-- | M] () -- D:\IPH.PH
[2012.09.06 14:59:45 | 000,001,544 | ---- | M] () -- D:\Dokumente und Einstellungen\All Users\Desktop\AIM.lnk
[2012.09.05 16:05:07 | 000,002,243 | ---- | M] () -- D:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[2 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[1 D:\WINDOWS\System32\drivers\*.tmp files -> D:\WINDOWS\System32\drivers\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.26 21:49:44 | 007,429,305 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Ti_Ka.flv
[2012.09.26 21:10:15 | 000,000,916 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Desktop\Revo Uninstaller.lnk
[2012.09.23 14:13:48 | 041,099,857 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\ryu_sunshine2.flv
[2012.09.23 14:11:14 | 041,091,368 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\ryu_sunshine1.flv
[2012.09.19 22:41:18 | 035,911,087 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\BSimmerrattig.flv
[2012.09.19 22:24:30 | 012,771,248 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\sgcouple.flv
[2012.09.19 22:23:23 | 044,780,502 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\funpaar1807.flv
[2012.09.19 16:16:29 | 018,679,525 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\nimmersatt_27b.flv
[2012.09.19 16:15:39 | 015,247,979 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\nimmersatt_27a.flv
[2012.09.17 21:03:10 | 063,331,399 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Mrs007b.flv
[2012.09.16 11:04:48 | 000,000,000 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\defogger_reenable
[2012.09.14 18:02:55 | 009,744,973 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Armenius001b.flv
[2012.09.14 18:01:33 | 037,594,397 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Armenius001a.flv
[2012.09.14 17:57:33 | 009,473,881 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\zuzkagee.flv
[2012.09.14 15:20:30 | 000,000,732 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Desktop\natura.lnk
[2012.09.14 15:20:29 | 000,455,911 | ---- | C] () -- D:\WINDOWS\Natura Sound Therapy Uninstaller.exe
[2012.09.14 15:08:18 | 052,790,960 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\Mrs007.flv
[2012.09.12 17:05:21 | 046,328,036 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\aahbipaar_andi.flv
[2012.09.09 09:14:02 | 041,320,018 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Eigene Dateien\MHpaar7886.flv
[2012.09.08 13:13:08 | 000,769,902 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Desktop\tattoos1.png
[2012.09.06 17:36:00 | 000,000,010 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\mbam.context.scan
[2012.09.06 16:38:07 | 000,131,349 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Desktop\image1.jpg
[2012.05.09 20:27:02 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012.04.15 11:18:00 | 000,338,432 | ---- | C] () -- D:\WINDOWS\System32\sqlite36_engine.dll
[2012.02.15 15:44:41 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
[2012.01.18 19:13:41 | 000,000,000 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\.gtk-bookmarks
[2011.09.25 19:06:35 | 000,009,913 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\MCCI_MDM.INF
[2011.09.25 19:06:35 | 000,006,989 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\MCCI_BUS.INF
[2011.09.25 19:06:35 | 000,004,477 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\MCCI_SDM.INF
[2011.09.25 19:06:33 | 000,015,698 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Kopie von oem31.PNF
[2011.09.25 19:06:33 | 000,012,364 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Kopie von oem30.PNF
[2011.09.25 19:06:33 | 000,009,232 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Kopie von oem31.inf
[2011.09.25 19:06:33 | 000,005,813 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\1316970393-(null)
[2011.09.25 19:06:32 | 000,014,014 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Kopie von oem16.PNF
[2011.09.25 19:06:32 | 000,012,836 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Kopie von oem17.PNF
[2011.09.25 19:06:32 | 000,012,698 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Kopie von oem18.PNF
[2011.09.25 19:06:32 | 000,006,009 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Kopie von oem18.inf
[2011.09.25 19:06:32 | 000,005,877 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\1316970392-(null)
[2011.09.25 19:06:31 | 000,006,947 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\1316970391-(null)
[2011.09.25 19:05:25 | 000,009,232 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\USB_MOT_BRIT.INF
[2011.09.25 19:05:25 | 000,005,960 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\USB_MOT_A1000.INF
[2011.09.25 19:05:22 | 000,014,310 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\1316970322-oem16.PNF
[2011.09.25 19:05:22 | 000,012,836 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\1316970322-oem17.PNF
[2011.09.25 19:05:22 | 000,012,562 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\1316970322-oem18.PNF
[2011.09.25 19:05:22 | 000,007,195 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\1316970322-oem16.inf
[2011.09.25 19:05:22 | 000,005,891 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\1316970322-oem18.inf
[2011.09.25 19:05:22 | 000,005,877 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\1316970322-oem17.inf
[2011.07.24 16:44:41 | 000,031,043 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Clipboard06.jpg
[2011.04.26 08:49:02 | 000,000,064 | ---- | C] () -- D:\WINDOWS\System32\rp_stats.dat
[2011.04.26 08:49:02 | 000,000,044 | ---- | C] () -- D:\WINDOWS\System32\rp_rules.dat
[2011.01.16 11:07:27 | 000,000,036 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\housecall.guid.cache
[2010.11.25 20:27:43 | 000,194,248 | ---- | C] () -- D:\WINDOWS\System32\LTRFD13n.DLL
[2010.11.25 20:18:35 | 000,000,138 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2010.11.25 20:09:18 | 000,001,208 | ---- | C] () -- D:\WINDOWS\VFO.INI
[2010.11.25 20:08:17 | 000,196,096 | ---- | C] () -- D:\WINDOWS\System32\macd32.dll
[2010.11.25 20:08:17 | 000,138,752 | ---- | C] () -- D:\WINDOWS\System32\mase32.dll
[2010.11.25 20:08:17 | 000,136,192 | ---- | C] () -- D:\WINDOWS\System32\mamc32.dll
[2010.11.25 20:08:17 | 000,057,856 | ---- | C] () -- D:\WINDOWS\System32\masd32.dll
[2010.11.25 20:08:17 | 000,027,648 | ---- | C] () -- D:\WINDOWS\System32\ma32.dll
[2010.10.21 14:19:42 | 000,208,896 | ---- | C] () -- D:\WINDOWS\System32\LXPrnUtil10.dll
[2010.10.21 14:18:46 | 000,303,104 | ---- | C] () -- D:\WINDOWS\System32\dnt27VC8.dll
[2010.10.21 14:16:58 | 000,143,360 | ---- | C] () -- D:\WINDOWS\System32\dntvmc27VC8.dll
[2010.10.21 14:16:34 | 000,086,016 | ---- | C] () -- D:\WINDOWS\System32\dntvm27VC8.dll
[2010.02.16 10:39:05 | 000,007,201 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\USBMOT2000.INF
[2010.02.16 10:39:05 | 000,006,141 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\USBMOT2000XP.INF
[2010.02.16 10:39:05 | 000,005,880 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\USB_CMCS_2000.INF
[2010.02.06 12:55:09 | 000,001,209 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\burnaware.ini
[2010.01.01 16:03:05 | 002,772,992 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\filesync.metadata
[2009.12.28 19:46:26 | 000,059,645 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Clipboard03.jpg
[2009.12.19 12:46:46 | 000,120,320 | ---- | C] () -- D:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.19 12:37:21 | 000,040,960 | ---- | C] () -- D:\Programme\Uninstall_CDS.exe
========== ZeroAccess Check ==========
[2009.12.13 20:16:18 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.09.25 07:35:26 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 08:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.01.09 11:32:40 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2011.01.04 01:06:20 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AIM
[2011.09.25 18:59:34 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avanquest
[2010.12.11 12:38:01 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2010.02.16 10:50:04 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2012.07.21 09:50:34 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
[2011.02.13 20:13:19 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2010.12.10 17:24:35 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Haufe
[2011.01.04 01:02:38 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011.07.02 10:41:10 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2010.11.29 20:42:56 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2010.11.29 20:43:52 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle Studio
[2010.01.05 11:07:42 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SmartSound Software Inc
[2012.07.31 17:30:43 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SuperFlexibleSynchronizer
[2010.01.05 11:53:52 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2010.07.26 17:26:48 | 000,000,000 | -H-D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2011.08.28 16:56:55 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\Gast\Anwendungsdaten\CheckPoint
[2011.08.28 16:59:20 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Lexware
[2012.08.11 09:48:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\Internet\Anwendungsdaten\CheckPoint
[2011.01.04 01:10:34 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\acccore
[2010.01.09 11:54:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Acronis
[2012.01.20 19:59:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Any Video Converter
[2012.07.08 19:57:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Auslogics
[2012.07.21 09:57:25 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\CheckPoint
[2011.07.27 19:29:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\DVDVideoSoft
[2011.07.27 19:29:34 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.02.13 20:13:30 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\f-secure
[2012.09.28 21:52:57 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\FreeDoko
[2011.01.03 12:20:07 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\GHISLER
[2009.12.19 23:44:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\GrabPro
[2011.07.17 12:10:46 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Haufe Mediengruppe
[2011.01.04 01:02:17 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\ICQ
[2010.12.10 17:30:40 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Lexware
[2010.01.01 16:35:53 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Opera
[2012.08.21 20:25:27 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Orbit
[2010.08.12 17:32:04 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\ProgSense
[2012.09.15 16:48:21 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\QuickScan
[2009.12.20 14:29:38 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\TeamViewer
[2010.01.05 11:45:01 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Ulead Systems
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.01.04 01:10:34 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\acccore
[2010.01.09 11:54:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Acronis
[2012.02.06 21:20:26 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Adobe
[2009.12.20 20:43:46 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Ahead
[2012.01.20 19:59:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Any Video Converter
[2009.12.19 12:18:15 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Apple Computer
[2009.12.13 20:20:31 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\ATI
[2012.07.08 19:57:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Auslogics
[2011.10.16 12:12:46 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Avira
[2012.07.21 09:57:25 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\CheckPoint
[2010.08.15 19:42:09 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Cyberlink
[2011.07.27 19:29:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\DVDVideoSoft
[2011.07.27 19:29:34 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.02.13 20:13:30 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\f-secure
[2012.09.28 21:52:57 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\FreeDoko
[2011.01.03 12:20:07 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\GHISLER
[2009.12.19 23:44:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\GrabPro
[2011.07.17 12:10:46 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Haufe Mediengruppe
[2010.01.02 14:49:06 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Help
[2011.01.04 01:02:17 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\ICQ
[2009.12.13 20:06:56 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Identities
[2009.12.13 20:34:40 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\InstallShield
[2010.12.10 17:30:40 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Lexware
[2009.12.14 18:55:37 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Macromedia
[2009.12.13 20:46:25 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Malwarebytes
[2012.02.06 21:20:26 | 000,000,000 | --SD | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Microsoft
[2012.02.22 21:08:39 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Move Networks
[2009.12.14 18:48:42 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla
[2010.02.17 19:08:34 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Nero
[2010.01.01 16:35:53 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Opera
[2012.08.21 20:25:27 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Orbit
[2010.08.12 17:32:04 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\ProgSense
[2012.09.15 16:48:21 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\QuickScan
[2012.09.05 22:05:11 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Skype
[2011.07.21 19:48:50 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\skypePM
[2010.12.11 09:46:27 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Sun
[2009.12.20 14:29:38 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\TeamViewer
[2010.01.05 11:45:01 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Ulead Systems
[2009.12.23 18:09:15 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\WinRAR
[2010.04.18 13:07:18 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Yahoo!
< %APPDATA%\*.exe /s >
[2009.12.19 14:54:27 | 001,956,072 | ---- | M] (Adobe Systems Incorporated) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2010.11.25 20:06:38 | 000,029,926 | R--- | M] () -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Microsoft\Installer\{EEECE229-49F6-4851-A73A-99B058221F8C}\ARPPRODUCTICON.exe
[2008.09.17 18:03:04 | 000,099,704 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2012.02.22 21:08:39 | 000,034,063 | ---- | M] () -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Move Networks\ie_bin\Uninst.exe
[2009.12.01 20:43:02 | 000,025,936 | ---- | M] (NOS Microsystems Ltd.) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- D:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- D:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- D:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008.04.14 08:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- D:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- D:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- D:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 08:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- D:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- D:\WINDOWS\system32\scecli.dll
[2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- D:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: USER32.DLL >
[2004.08.04 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- D:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 08:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- D:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 08:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- D:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- D:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- D:\WINDOWS\system32\userinit.exe
[2012.06.02 15:51:44 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- D:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- D:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- D:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- D:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- D:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- D:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- D:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[1 D:\WINDOWS\system32\drivers\*.tmp files -> D:\WINDOWS\system32\drivers\*.tmp -> ]
< %systemroot%\System32\config\*.sav >
[2009.12.13 20:52:51 | 000,094,208 | ---- | M] () -- D:\WINDOWS\System32\config\default.sav
[2009.12.13 20:52:51 | 000,638,976 | ---- | M] () -- D:\WINDOWS\System32\config\software.sav
[2009.12.13 20:52:51 | 000,446,464 | ---- | M] () -- D:\WINDOWS\System32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< End of report >
[/code] |
|
01.10.2012, 11:36
| #32 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | chatZum und searchsafer.com unerwünscht von softonic Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)
__________________Code:
ATTFilter :OTL
FF - user.js - File not found
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\SearchScopes\{0C522CCA-D14D-4577-ABE8-9C7D6FC84ADF}: "URL" = http://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\..\SearchScopes\{BCF135C2-2F38-4FD7-9514-BB49CDA64A58}: "URL" = http://search.chatzum.com/?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzum.com/?q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..keyword.URL: "http://utils.chatzum.com/?url="
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: D:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
[2010.04.28 09:07:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.04.15 11:18:05 | 000,000,000 | ---D | M] (Shopping-preise.de) -- D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\mail@shopping-preise.de
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - D:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - D:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O4 - HKLM..\Run: [ISW] File not found
O4 - HKU\S-1-5-21-839522115-616249376-2147125571-1004..\Run: [PowerBar] File not found
O4 - HKU\S-1-5-21-839522115-616249376-2147125571-1004..\Run: [SpybotSD TeaTimer] D:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.25 20:09:18 | 000,000,087 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
:Files
D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{*
D:\WINDOWS\FixCamera.exe
E:\runtergeladen\format-factory\FFSetup215.exe
E:\runtergeladen\mov-Konverter\XMedia-Recode\SoftonicDownloader64864.exe
E:\runtergeladen\natura_sound_therapy\natura-sound-therapy.exe
E:\runtergeladen\orbitdownloader+co\bs_Orbit_Downloader.exe
E:\runtergeladen\phonostar\ps_radio2012.exe
E:\runtergeladen\phonostar\ps_radio2015.exe
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ |
|
01.10.2012, 21:26
| #33 |
| | chatZum und searchsafer.com unerwünscht von softonic Erledigt. Ich hatte ein etwas mulmiges Gefühl, als der PC nicht runtergefahren ist. Nach 20min habe ich dann mal den Reset-Knopf gedrückt...
__________________Hier sind die Ergebnisse des OTL-Fixes. Bin ich jetzt geheilt? ;-) Code:
ATTFilter All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-839522115-616249376-2147125571-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-839522115-616249376-2147125571-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-839522115-616249376-2147125571-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0C522CCA-D14D-4577-ABE8-9C7D6FC84ADF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C522CCA-D14D-4577-ABE8-9C7D6FC84ADF}\ not found.
Registry key HKEY_USERS\S-1-5-21-839522115-616249376-2147125571-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-839522115-616249376-2147125571-1004\Software\Microsoft\Internet Explorer\SearchScopes\{BCF135C2-2F38-4FD7-9514-BB49CDA64A58}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BCF135C2-2F38-4FD7-9514-BB49CDA64A58}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "chrf-ytbm" removed from browser.search.param.yahoo-fr
Prefs.js: "chrf-ytbm" removed from browser.search.param.yahoo-fr-cjkt
Prefs.js: "${8}" removed from browser.search.param.yahoo-type
Prefs.js: helperbar@helperbar.com:1.0 removed from extensions.enabledItems
Prefs.js: "hxxp://utils.chatzum.com/?url=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ deleted successfully.
Folder D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ not found.
Folder D:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\eyjw70yw.default\extensions\mail@shopping-preise.de\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ISW deleted successfully.
Registry value HKEY_USERS\S-1-5-21-839522115-616249376-2147125571-1004\Software\Microsoft\Windows\CurrentVersion\Run\\PowerBar deleted successfully.
Registry value HKEY_USERS\S-1-5-21-839522115-616249376-2147125571-1004\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
D:\Programme\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-839522115-616249376-2147125571-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
========== FILES ==========
D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint\ZoneAlarm\Data folder moved successfully.
D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint\ZoneAlarm folder moved successfully.
D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint folder moved successfully.
D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E} folder moved successfully.
D:\WINDOWS\FixCamera.exe moved successfully.
File\Folder E:\runtergeladen\format-factory\FFSetup215.exe not found.
File\Folder E:\runtergeladen\mov-Konverter\XMedia-Recode\SoftonicDownloader64864.exe not found.
File\Folder E:\runtergeladen\natura_sound_therapy\natura-sound-therapy.exe not found.
File\Folder E:\runtergeladen\orbitdownloader+co\bs_Orbit_Downloader.exe not found.
File\Folder E:\runtergeladen\phonostar\ps_radio2012.exe not found.
File\Folder E:\runtergeladen\phonostar\ps_radio2015.exe not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
D:\Dokumente und Einstellungen\xxx\Desktop\Trojaner-bord\cmd.bat deleted successfully.
D:\Dokumente und Einstellungen\xxx\Desktop\Trojaner-bord\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Gast
->Temp folder emptied: 1709817 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3468465 bytes
User: Internet
->Temp folder emptied: 1931974 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 2193592 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: xxx
->Temp folder emptied: 26147255 bytes
->Temporary Internet Files folder emptied: 980760570 bytes
->Java cache emptied: 5447944 bytes
->FireFox cache emptied: 1093270009 bytes
->Opera cache emptied: 43097570 bytes
->Flash cache emptied: 1969372 bytes
User: NetworkService
->Temp folder emptied: 2132552 bytes
->Temporary Internet Files folder emptied: 33237 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134333 bytes
%systemroot%\System32 .tmp files removed: 112911 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 24192 bytes
Windows Temp folder emptied: 2179026 bytes
RecycleBin emptied: 5897592515 bytes
Total Files Cleaned = 7.691,00 mb
D:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.69.0 log created on 10012012_220150
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
02.10.2012, 14:45
| #34 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | chatZum und searchsafer.com unerwünscht von softonic Etwas müssen wir schon noch tun  Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
03.10.2012, 16:01
| #35 |
| | chatZum und searchsafer.com unerwünscht von softonic So, habe das Programm mal laufen lassen. Hier sind die Ergebnisse. Hoffe mal, daß noch Hoffnung besteht  Ist mein System aktuell eigentlich sehr unsicher? Kann es übrigens sein, daß mir im Rahmen der ganzen Säuberungen mein Spybot aus dem Autostart genommen wurde? Code:
ATTFilter 16:51:22.0167 4488 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
16:51:22.0183 4488 ============================================================
16:51:22.0183 4488 Current date / time: 2012/10/03 16:51:22.0183
16:51:22.0183 4488 SystemInfo:
16:51:22.0183 4488
16:51:22.0183 4488 OS Version: 5.1.2600 ServicePack: 3.0
16:51:22.0183 4488 Product type: Workstation
16:51:22.0183 4488 ComputerName: xxx-PC
16:51:22.0183 4488 UserName: xxx
16:51:22.0183 4488 Windows directory: D:\WINDOWS
16:51:22.0183 4488 System windows directory: D:\WINDOWS
16:51:22.0183 4488 Processor architecture: Intel x86
16:51:22.0183 4488 Number of processors: 2
16:51:22.0183 4488 Page size: 0x1000
16:51:22.0183 4488 Boot type: Normal boot
16:51:22.0183 4488 ============================================================
16:51:23.0152 4488 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:51:23.0167 4488 ============================================================
16:51:23.0167 4488 \Device\Harddisk0\DR0:
16:51:23.0167 4488 MBR partitions:
16:51:23.0167 4488 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBB867E
16:51:23.0183 4488 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xBB86FC, BlocksNum 0x249F16E6
16:51:23.0198 4488 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x255A9E21, BlocksNum 0x4F157CDF
16:51:23.0198 4488 ============================================================
16:51:23.0230 4488 C: <-> \Device\Harddisk0\DR0\Partition1
16:51:23.0277 4488 E: <-> \Device\Harddisk0\DR0\Partition3
16:51:23.0308 4488 D: <-> \Device\Harddisk0\DR0\Partition2
16:51:23.0308 4488 ============================================================
16:51:23.0308 4488 Initialize success
16:51:23.0308 4488 ============================================================
16:52:25.0027 4124 ============================================================
16:52:25.0027 4124 Scan started
16:52:25.0027 4124 Mode: Manual; SigCheck; TDLFS;
16:52:25.0027 4124 ============================================================
16:52:25.0761 4124 ================ Scan system memory ========================
16:52:27.0136 4124 System memory - ok
16:52:27.0136 4124 ================ Scan services =============================
16:52:27.0183 4124 a2AntiMalware - ok
16:52:27.0308 4124 Abiosdsk - ok
16:52:27.0308 4124 abp480n5 - ok
16:52:27.0339 4124 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI D:\WINDOWS\system32\DRIVERS\ACPI.sys
16:52:27.0730 4124 ACPI - ok
16:52:27.0745 4124 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC D:\WINDOWS\system32\drivers\ACPIEC.sys
16:52:27.0855 4124 ACPIEC - ok
16:52:27.0886 4124 [ 6482C272F92EC589B14F9D1756F00641 ] AcrSch2Svc D:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
16:52:27.0917 4124 AcrSch2Svc - ok
16:52:27.0917 4124 adpu160m - ok
16:52:27.0964 4124 [ 8BED39E3C35D6A489438B8141717A557 ] aec D:\WINDOWS\system32\drivers\aec.sys
16:52:28.0042 4124 aec - ok
16:52:28.0073 4124 [ F132D0BFDE7C5EA1AB42325C5694A969 ] afcdp D:\WINDOWS\system32\DRIVERS\afcdp.sys
16:52:28.0073 4124 afcdp - ok
16:52:28.0120 4124 [ 986A134B1A1770599B7AF9354CBB066F ] afcdpsrv D:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
16:52:28.0214 4124 afcdpsrv - ok
16:52:28.0230 4124 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD D:\WINDOWS\System32\drivers\afd.sys
16:52:28.0261 4124 AFD - ok
16:52:28.0261 4124 Aha154x - ok
16:52:28.0277 4124 aic78u2 - ok
16:52:28.0277 4124 aic78xx - ok
16:52:28.0292 4124 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter D:\WINDOWS\system32\alrsvc.dll
16:52:28.0386 4124 Alerter - ok
16:52:28.0402 4124 [ 190CD73D4984F94D823F9444980513E5 ] ALG D:\WINDOWS\System32\alg.exe
16:52:28.0495 4124 ALG - ok
16:52:28.0495 4124 AliIde - ok
16:52:28.0527 4124 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM D:\WINDOWS\system32\DRIVERS\AmdPPM.sys
16:52:28.0542 4124 AmdPPM - ok
16:52:28.0542 4124 amsint - ok
16:52:28.0589 4124 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService D:\Programme\Avira\AntiVir Desktop\sched.exe
16:52:28.0589 4124 AntiVirSchedulerService - ok
16:52:28.0605 4124 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService D:\Programme\Avira\AntiVir Desktop\avguard.exe
16:52:28.0620 4124 AntiVirService - ok
16:52:28.0620 4124 AppMgmt - ok
16:52:28.0652 4124 [ 875F9079CABEE679D34B49E466B61701 ] ASAPIW2K D:\WINDOWS\system32\drivers\ASAPIW2k.sys
16:52:28.0652 4124 ASAPIW2K ( UnsignedFile.Multi.Generic ) - warning
16:52:28.0652 4124 ASAPIW2K - detected UnsignedFile.Multi.Generic (1)
16:52:28.0667 4124 asc - ok
16:52:28.0667 4124 asc3350p - ok
16:52:28.0667 4124 asc3550 - ok
16:52:28.0730 4124 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:52:28.0745 4124 aspnet_state - ok
16:52:28.0777 4124 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac D:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:52:28.0870 4124 AsyncMac - ok
16:52:28.0870 4124 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi D:\WINDOWS\system32\DRIVERS\atapi.sys
16:52:28.0964 4124 atapi - ok
16:52:28.0964 4124 Atdisk - ok
16:52:28.0995 4124 [ E4F45E3B56003B41E7C7863F79F4C108 ] Ati HotKey Poller D:\WINDOWS\system32\Ati2evxx.exe
16:52:29.0042 4124 Ati HotKey Poller - ok
16:52:29.0058 4124 [ CAA47AC25FAEB61B0FEC0B44A02119A0 ] ATI Smart D:\WINDOWS\system32\ati2sgag.exe
16:52:29.0089 4124 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
16:52:29.0089 4124 ATI Smart - detected UnsignedFile.Multi.Generic (1)
16:52:29.0152 4124 [ ED24215D4223C60989F02E196A1FFF73 ] ati2mtag D:\WINDOWS\system32\DRIVERS\ati2mtag.sys
16:52:29.0261 4124 ati2mtag - ok
16:52:29.0277 4124 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc D:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:52:29.0355 4124 Atmarpc - ok
16:52:29.0386 4124 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv D:\WINDOWS\System32\audiosrv.dll
16:52:29.0464 4124 AudioSrv - ok
16:52:29.0480 4124 [ D9F724AA26C010A217C97606B160ED68 ] audstub D:\WINDOWS\system32\DRIVERS\audstub.sys
16:52:29.0558 4124 audstub - ok
16:52:29.0558 4124 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt D:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:52:29.0573 4124 avgntflt - ok
16:52:29.0589 4124 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb D:\WINDOWS\system32\DRIVERS\avipbb.sys
16:52:29.0605 4124 avipbb - ok
16:52:29.0605 4124 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr D:\WINDOWS\system32\DRIVERS\avkmgr.sys
16:52:29.0620 4124 avkmgr - ok
16:52:29.0636 4124 [ D16C201E44F7D1F7A65C4D20C6929AF8 ] AVMUNET D:\WINDOWS\system32\DRIVERS\avmunet.sys
16:52:29.0667 4124 AVMUNET - ok
16:52:29.0698 4124 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep D:\WINDOWS\system32\drivers\Beep.sys
16:52:29.0792 4124 Beep - ok
16:52:29.0808 4124 [ D6F603772A789BB3228F310D650B8BD1 ] BITS D:\WINDOWS\system32\qmgr.dll
16:52:29.0902 4124 BITS - ok
16:52:29.0917 4124 [ B71549F23736ADF83A571061C47777FD ] Browser D:\WINDOWS\System32\browser.dll
16:52:29.0980 4124 Browser - ok
16:52:29.0995 4124 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k D:\WINDOWS\system32\drivers\cbidf2k.sys
16:52:30.0105 4124 cbidf2k - ok
16:52:30.0136 4124 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE D:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:52:30.0230 4124 CCDECODE - ok
16:52:30.0230 4124 cd20xrnt - ok
16:52:30.0230 4124 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio D:\WINDOWS\system32\drivers\Cdaudio.sys
16:52:30.0323 4124 Cdaudio - ok
16:52:30.0339 4124 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs D:\WINDOWS\system32\drivers\Cdfs.sys
16:52:30.0417 4124 Cdfs - ok
16:52:30.0433 4124 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom D:\WINDOWS\system32\DRIVERS\cdrom.sys
16:52:30.0511 4124 Cdrom - ok
16:52:30.0511 4124 Changer - ok
16:52:30.0527 4124 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc D:\WINDOWS\system32\cisvc.exe
16:52:30.0620 4124 CiSvc - ok
16:52:30.0652 4124 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv D:\WINDOWS\system32\clipsrv.exe
16:52:30.0730 4124 ClipSrv - ok
16:52:30.0745 4124 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:52:30.0777 4124 clr_optimization_v2.0.50727_32 - ok
16:52:30.0823 4124 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:52:30.0839 4124 clr_optimization_v4.0.30319_32 - ok
16:52:30.0839 4124 CmdIde - ok
16:52:30.0855 4124 COMSysApp - ok
16:52:30.0855 4124 Cpqarray - ok
16:52:30.0870 4124 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc D:\WINDOWS\System32\cryptsvc.dll
16:52:30.0964 4124 CryptSvc - ok
16:52:30.0964 4124 dac2w2k - ok
16:52:30.0964 4124 dac960nt - ok
16:52:30.0995 4124 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch D:\WINDOWS\system32\rpcss.dll
16:52:31.0042 4124 DcomLaunch - ok
16:52:31.0058 4124 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp D:\WINDOWS\System32\dhcpcsvc.dll
16:52:31.0152 4124 Dhcp - ok
16:52:31.0152 4124 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk D:\WINDOWS\system32\DRIVERS\disk.sys
16:52:31.0230 4124 Disk - ok
16:52:31.0230 4124 dmadmin - ok
16:52:31.0261 4124 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot D:\WINDOWS\system32\drivers\dmboot.sys
16:52:31.0355 4124 dmboot - ok
16:52:31.0370 4124 [ 53720AB12B48719D00E327DA470A619A ] dmio D:\WINDOWS\system32\drivers\dmio.sys
16:52:31.0464 4124 dmio - ok
16:52:31.0495 4124 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload D:\WINDOWS\system32\drivers\dmload.sys
16:52:31.0589 4124 dmload - ok
16:52:31.0605 4124 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver D:\WINDOWS\System32\dmserver.dll
16:52:31.0683 4124 dmserver - ok
16:52:31.0698 4124 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic D:\WINDOWS\system32\drivers\DMusic.sys
16:52:31.0777 4124 DMusic - ok
16:52:31.0792 4124 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache D:\WINDOWS\System32\dnsrslvr.dll
16:52:31.0870 4124 Dnscache - ok
16:52:31.0886 4124 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc D:\WINDOWS\System32\dot3svc.dll
16:52:31.0964 4124 Dot3svc - ok
16:52:31.0964 4124 dpti2o - ok
16:52:31.0980 4124 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud D:\WINDOWS\system32\drivers\drmkaud.sys
16:52:32.0073 4124 drmkaud - ok
16:52:32.0089 4124 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost D:\WINDOWS\System32\eapsvc.dll
16:52:32.0167 4124 EapHost - ok
16:52:32.0183 4124 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc D:\WINDOWS\System32\ersvc.dll
16:52:32.0261 4124 ERSvc - ok
16:52:32.0277 4124 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog D:\WINDOWS\system32\services.exe
16:52:32.0277 4124 Eventlog - ok
16:52:32.0292 4124 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem D:\WINDOWS\system32\es.dll
16:52:32.0308 4124 EventSystem - ok
16:52:32.0402 4124 [ A7796E1163C2D1DDF66941F1CE92DFEB ] ExtremeVSSService D:\Programme\SuperFlexible\ExtremeVSS.exe
16:52:32.0542 4124 ExtremeVSSService - ok
16:52:32.0573 4124 [ 38D332A6D56AF32635675F132548343E ] Fastfat D:\WINDOWS\system32\drivers\Fastfat.sys
16:52:32.0652 4124 Fastfat - ok
16:52:32.0667 4124 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility D:\WINDOWS\System32\shsvcs.dll
16:52:32.0698 4124 FastUserSwitchingCompatibility - ok
16:52:32.0714 4124 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc D:\WINDOWS\system32\DRIVERS\fdc.sys
16:52:32.0792 4124 Fdc - ok
16:52:32.0808 4124 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips D:\WINDOWS\system32\drivers\Fips.sys
16:52:32.0886 4124 Fips - ok
16:52:32.0902 4124 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk D:\WINDOWS\system32\drivers\Flpydisk.sys
16:52:32.0980 4124 Flpydisk - ok
16:52:32.0995 4124 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr D:\WINDOWS\system32\drivers\fltmgr.sys
16:52:33.0073 4124 FltMgr - ok
16:52:33.0120 4124 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:52:33.0136 4124 FontCache3.0.0.0 - ok
16:52:33.0136 4124 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec D:\WINDOWS\system32\drivers\Fs_Rec.sys
16:52:33.0230 4124 Fs_Rec - ok
16:52:33.0230 4124 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk D:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:52:33.0339 4124 Ftdisk - ok
16:52:33.0370 4124 [ A72034228A6D8DCD9A1CD70107556E40 ] getPlusHelper D:\Programme\NOS\bin\getPlus_Helper.dll
16:52:33.0370 4124 getPlusHelper - ok
16:52:33.0386 4124 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc D:\WINDOWS\system32\DRIVERS\msgpc.sys
16:52:33.0464 4124 Gpc - ok
16:52:33.0480 4124 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus D:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:52:33.0558 4124 HDAudBus - ok
16:52:33.0589 4124 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:52:33.0667 4124 helpsvc - ok
16:52:33.0683 4124 HidServ - ok
16:52:33.0683 4124 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb D:\WINDOWS\system32\DRIVERS\hidusb.sys
16:52:33.0761 4124 hidusb - ok
16:52:33.0792 4124 [ ED29F14101523A6E0E808107405D452C ] hkmsvc D:\WINDOWS\System32\kmsvc.dll
16:52:33.0870 4124 hkmsvc - ok
16:52:33.0870 4124 hpn - ok
16:52:33.0902 4124 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP D:\WINDOWS\system32\Drivers\HTTP.sys
16:52:33.0948 4124 HTTP - ok
16:52:33.0964 4124 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter D:\WINDOWS\System32\w3ssl.dll
16:52:34.0042 4124 HTTPFilter - ok
16:52:34.0042 4124 i2omgmt - ok
16:52:34.0042 4124 i2omp - ok
16:52:34.0058 4124 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt D:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:52:34.0136 4124 i8042prt - ok
16:52:34.0214 4124 [ 6F95324909B502E2651442C1548AB12F ] IDriverT D:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
16:52:34.0214 4124 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:52:34.0214 4124 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:52:34.0277 4124 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:52:34.0308 4124 idsvc - ok
16:52:34.0323 4124 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi D:\WINDOWS\system32\DRIVERS\imapi.sys
16:52:34.0402 4124 Imapi - ok
16:52:34.0417 4124 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService D:\WINDOWS\system32\imapi.exe
16:52:34.0511 4124 ImapiService - ok
16:52:34.0511 4124 [ 694F2709EA18565F66751857E8F5C3DD ] InCDfs D:\WINDOWS\system32\drivers\InCDfs.sys
16:52:34.0527 4124 InCDfs ( UnsignedFile.Multi.Generic ) - warning
16:52:34.0527 4124 InCDfs - detected UnsignedFile.Multi.Generic (1)
16:52:34.0542 4124 [ 7DAA24D326D3EF94574002BEC52A733D ] InCDPass D:\WINDOWS\system32\DRIVERS\InCDPass.sys
16:52:34.0542 4124 InCDPass ( UnsignedFile.Multi.Generic ) - warning
16:52:34.0542 4124 InCDPass - detected UnsignedFile.Multi.Generic (1)
16:52:34.0542 4124 [ 36DFCB32D75B0FF09DFD405D1C1DE261 ] InCDrec D:\WINDOWS\system32\drivers\InCDrec.sys
16:52:34.0558 4124 InCDrec ( UnsignedFile.Multi.Generic ) - warning
16:52:34.0558 4124 InCDrec - detected UnsignedFile.Multi.Generic (1)
16:52:34.0558 4124 [ C46E8CF2BF9688D5332DD14CF42ACD61 ] incdrm D:\WINDOWS\system32\drivers\incdrm.sys
16:52:34.0558 4124 incdrm ( UnsignedFile.Multi.Generic ) - warning
16:52:34.0558 4124 incdrm - detected UnsignedFile.Multi.Generic (1)
16:52:34.0589 4124 [ 23C4B8DE87887DF9260407BF98001743 ] InCDsrv D:\Programme\Ahead\InCD\InCDsrv.exe
16:52:34.0652 4124 InCDsrv ( UnsignedFile.Multi.Generic ) - warning
16:52:34.0652 4124 InCDsrv - detected UnsignedFile.Multi.Generic (1)
16:52:34.0652 4124 ini910u - ok
16:52:34.0761 4124 [ B2957D6C1226F029230DAC2C46D34286 ] IntcAzAudAddService D:\WINDOWS\system32\drivers\RtkHDAud.sys
16:52:34.0948 4124 IntcAzAudAddService - ok
16:52:34.0948 4124 IntelIde - ok
16:52:34.0964 4124 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw D:\WINDOWS\system32\drivers\ip6fw.sys
16:52:35.0042 4124 Ip6Fw - ok
16:52:35.0073 4124 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver D:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:52:35.0183 4124 IpFilterDriver - ok
16:52:35.0183 4124 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp D:\WINDOWS\system32\DRIVERS\ipinip.sys
16:52:35.0261 4124 IpInIp - ok
16:52:35.0277 4124 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat D:\WINDOWS\system32\DRIVERS\ipnat.sys
16:52:35.0355 4124 IpNat - ok
16:52:35.0355 4124 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec D:\WINDOWS\system32\DRIVERS\ipsec.sys
16:52:35.0448 4124 IPSec - ok
16:52:35.0464 4124 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda D:\WINDOWS\system32\DRIVERS\irda.sys
16:52:35.0542 4124 irda - ok
16:52:35.0542 4124 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM D:\WINDOWS\system32\DRIVERS\irenum.sys
16:52:35.0620 4124 IRENUM - ok
16:52:35.0620 4124 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon D:\WINDOWS\System32\irmon.dll
16:52:35.0698 4124 Irmon - ok
16:52:35.0714 4124 [ 0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir D:\WINDOWS\system32\DRIVERS\irsir.sys
16:52:35.0761 4124 irsir - ok
16:52:35.0761 4124 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp D:\WINDOWS\system32\DRIVERS\isapnp.sys
16:52:35.0839 4124 isapnp - ok
16:52:35.0870 4124 [ 6BDF044FED21416D14235F039E49EF1C ] IwUSB D:\WINDOWS\system32\Drivers\IwUSB.sys
16:52:35.0886 4124 IwUSB ( UnsignedFile.Multi.Generic ) - warning
16:52:35.0886 4124 IwUSB - detected UnsignedFile.Multi.Generic (1)
16:52:35.0917 4124 [ 0E410EDC8D0527801B899CF29E60597C ] JavaQuickStarterService D:\Programme\Java\jre6\bin\jqs.exe
16:52:35.0933 4124 JavaQuickStarterService - ok
16:52:35.0933 4124 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass D:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:52:36.0011 4124 Kbdclass - ok
16:52:36.0027 4124 [ 692BCF44383D056AED41B045A323D378 ] kmixer D:\WINDOWS\system32\drivers\kmixer.sys
16:52:36.0120 4124 kmixer - ok
16:52:36.0136 4124 [ B467646C54CC746128904E1654C750C1 ] KSecDD D:\WINDOWS\system32\drivers\KSecDD.sys
16:52:36.0214 4124 KSecDD - ok
16:52:36.0230 4124 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver D:\WINDOWS\System32\srvsvc.dll
16:52:36.0261 4124 lanmanserver - ok
16:52:36.0292 4124 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation D:\WINDOWS\System32\wkssvc.dll
16:52:36.0323 4124 lanmanworkstation - ok
16:52:36.0402 4124 [ 61323B88EFE90F6B144A3611B3ED1D7D ] Lavasoft Ad-Aware Service D:\Programme\Lavasoft\Ad-Aware\AAWService.exe
16:52:36.0448 4124 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - warning
16:52:36.0448 4124 Lavasoft Ad-Aware Service - detected UnsignedFile.Multi.Generic (1)
16:52:36.0464 4124 [ 6C4A3804510AD8E0F0C07B5BE3D44DDB ] Lavasoft Kernexplorer D:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys
16:52:36.0480 4124 Lavasoft Kernexplorer - ok
16:52:36.0495 4124 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd D:\WINDOWS\system32\DRIVERS\Lbd.sys
16:52:36.0511 4124 Lbd - ok
16:52:36.0511 4124 lbrtfdc - ok
16:52:36.0542 4124 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts D:\WINDOWS\System32\lmhsvc.dll
16:52:36.0620 4124 LmHosts - ok
16:52:36.0652 4124 [ 269C14D512B74CC28D2812FF7D1EB066 ] MarvinBus D:\WINDOWS\system32\DRIVERS\MarvinBus.sys
16:52:36.0667 4124 MarvinBus ( UnsignedFile.Multi.Generic ) - warning
16:52:36.0667 4124 MarvinBus - detected UnsignedFile.Multi.Generic (1)
16:52:36.0667 4124 [ B7550A7107281D170CE85524B1488C98 ] Messenger D:\WINDOWS\System32\msgsvc.dll
16:52:36.0777 4124 Messenger - ok
16:52:36.0808 4124 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd D:\WINDOWS\system32\drivers\mnmdd.sys
16:52:36.0902 4124 mnmdd - ok
16:52:36.0933 4124 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc D:\WINDOWS\system32\mnmsrvc.exe
16:52:37.0011 4124 mnmsrvc - ok
16:52:37.0011 4124 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem D:\WINDOWS\system32\drivers\Modem.sys
16:52:37.0089 4124 Modem - ok
16:52:37.0105 4124 [ 54FEE02961C70FD9D4D7E2F87AFA23FA ] motmodem D:\WINDOWS\system32\DRIVERS\motmodem.sys
16:52:37.0245 4124 motmodem - ok
16:52:37.0261 4124 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass D:\WINDOWS\system32\DRIVERS\mouclass.sys
16:52:37.0339 4124 Mouclass - ok
16:52:37.0355 4124 [ 66A6F73C74E1791464160A7065CE711A ] mouhid D:\WINDOWS\system32\DRIVERS\mouhid.sys
16:52:37.0448 4124 mouhid - ok
16:52:37.0448 4124 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr D:\WINDOWS\system32\drivers\MountMgr.sys
16:52:37.0527 4124 MountMgr - ok
16:52:37.0558 4124 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance D:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
16:52:37.0573 4124 MozillaMaintenance - ok
16:52:37.0573 4124 mraid35x - ok
16:52:37.0589 4124 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV D:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:52:37.0667 4124 MRxDAV - ok
16:52:37.0698 4124 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb D:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:52:37.0730 4124 MRxSmb - ok
16:52:37.0761 4124 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC D:\WINDOWS\system32\msdtc.exe
16:52:37.0839 4124 MSDTC - ok
16:52:37.0855 4124 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs D:\WINDOWS\system32\drivers\Msfs.sys
16:52:37.0933 4124 Msfs - ok
16:52:37.0948 4124 MSIServer - ok
16:52:37.0980 4124 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV D:\WINDOWS\system32\drivers\MSKSSRV.sys
16:52:38.0058 4124 MSKSSRV - ok
16:52:38.0073 4124 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK D:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:52:38.0152 4124 MSPCLOCK - ok
16:52:38.0167 4124 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM D:\WINDOWS\system32\drivers\MSPQM.sys
16:52:38.0230 4124 MSPQM - ok
16:52:38.0245 4124 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios D:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:52:38.0323 4124 mssmbios - ok
16:52:38.0511 4124 [ 1B959A0614D575D0AB3B09095F0A8B83 ] MSSQL$PINNACLESYS D:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
16:52:38.0792 4124 MSSQL$PINNACLESYS - ok
16:52:38.0823 4124 [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper D:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
16:52:38.0823 4124 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
16:52:38.0823 4124 MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
16:52:38.0855 4124 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE D:\WINDOWS\system32\drivers\MSTEE.sys
16:52:38.0917 4124 MSTEE - ok
16:52:38.0933 4124 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup D:\WINDOWS\system32\drivers\Mup.sys
16:52:38.0948 4124 Mup - ok
16:52:38.0964 4124 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:52:39.0042 4124 NABTSFEC - ok
16:52:39.0073 4124 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent D:\WINDOWS\System32\qagentrt.dll
16:52:39.0152 4124 napagent - ok
16:52:39.0167 4124 [ 1DF7F42665C94B825322FAE71721130D ] NDIS D:\WINDOWS\system32\drivers\NDIS.sys
16:52:39.0261 4124 NDIS - ok
16:52:39.0277 4124 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP D:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:52:39.0355 4124 NdisIP - ok
16:52:39.0402 4124 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi D:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:52:39.0417 4124 NdisTapi - ok
16:52:39.0433 4124 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio D:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:52:39.0511 4124 Ndisuio - ok
16:52:39.0527 4124 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan D:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:52:39.0605 4124 NdisWan - ok
16:52:39.0620 4124 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy D:\WINDOWS\system32\drivers\NDProxy.sys
16:52:39.0636 4124 NDProxy - ok
16:52:39.0652 4124 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS D:\WINDOWS\system32\DRIVERS\netbios.sys
16:52:39.0714 4124 NetBIOS - ok
16:52:39.0730 4124 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT D:\WINDOWS\system32\DRIVERS\netbt.sys
16:52:39.0808 4124 NetBT - ok
16:52:39.0839 4124 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE D:\WINDOWS\system32\netdde.exe
16:52:39.0917 4124 NetDDE - ok
16:52:39.0917 4124 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm D:\WINDOWS\system32\netdde.exe
16:52:39.0995 4124 NetDDEdsdm - ok
16:52:40.0027 4124 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon D:\WINDOWS\system32\lsass.exe
16:52:40.0089 4124 Netlogon - ok
16:52:40.0120 4124 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman D:\WINDOWS\System32\netman.dll
16:52:40.0198 4124 Netman - ok
16:52:40.0214 4124 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:52:40.0230 4124 NetTcpPortSharing - ok
16:52:40.0277 4124 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla D:\WINDOWS\System32\mswsock.dll
16:52:40.0292 4124 Nla - ok
16:52:40.0292 4124 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs D:\WINDOWS\system32\drivers\Npfs.sys
16:52:40.0370 4124 Npfs - ok
16:52:40.0386 4124 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs D:\WINDOWS\system32\drivers\Ntfs.sys
16:52:40.0480 4124 Ntfs - ok
16:52:40.0480 4124 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp D:\WINDOWS\system32\lsass.exe
16:52:40.0558 4124 NtLmSsp - ok
16:52:40.0589 4124 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc D:\WINDOWS\system32\ntmssvc.dll
16:52:40.0667 4124 NtmsSvc - ok
16:52:40.0683 4124 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null D:\WINDOWS\system32\drivers\Null.sys
16:52:40.0777 4124 Null - ok
16:52:40.0808 4124 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt D:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:52:40.0902 4124 NwlnkFlt - ok
16:52:40.0917 4124 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd D:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:52:41.0011 4124 NwlnkFwd - ok
16:52:41.0058 4124 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose D:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
16:52:41.0073 4124 ose - ok
16:52:41.0089 4124 [ F84785660305B9B903FB3BCA8BA29837 ] Parport D:\WINDOWS\system32\DRIVERS\parport.sys
16:52:41.0167 4124 Parport - ok
16:52:41.0167 4124 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr D:\WINDOWS\system32\drivers\PartMgr.sys
16:52:41.0245 4124 PartMgr - ok
16:52:41.0277 4124 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm D:\WINDOWS\system32\drivers\ParVdm.sys
16:52:41.0386 4124 ParVdm - ok
16:52:41.0417 4124 [ 3ADB8BD6154A3EF87496E8FCE9C22493 ] pavboot D:\WINDOWS\system32\drivers\pavboot.sys
16:52:41.0417 4124 pavboot - ok
16:52:41.0433 4124 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI D:\WINDOWS\system32\DRIVERS\pci.sys
16:52:41.0495 4124 PCI - ok
16:52:41.0511 4124 PCIDump - ok
16:52:41.0511 4124 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde D:\WINDOWS\system32\DRIVERS\pciide.sys
16:52:41.0605 4124 PCIIde - ok
16:52:41.0620 4124 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI D:\WINDOWS\system32\drivers\pclepci.sys
16:52:41.0636 4124 PCLEPCI ( UnsignedFile.Multi.Generic ) - warning
16:52:41.0636 4124 PCLEPCI - detected UnsignedFile.Multi.Generic (1)
16:52:41.0652 4124 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia D:\WINDOWS\system32\drivers\Pcmcia.sys
16:52:41.0730 4124 Pcmcia - ok
16:52:41.0730 4124 PDCOMP - ok
16:52:41.0730 4124 PDFRAME - ok
16:52:41.0745 4124 PDRELI - ok
16:52:41.0745 4124 PDRFRAME - ok
16:52:41.0745 4124 perc2 - ok
16:52:41.0761 4124 perc2hib - ok
16:52:41.0792 4124 [ 444F122E68DB44C0589227781F3C8B3F ] pfc D:\WINDOWS\system32\drivers\pfc.sys
16:52:41.0792 4124 pfc ( UnsignedFile.Multi.Generic ) - warning
16:52:41.0792 4124 pfc - detected UnsignedFile.Multi.Generic (1)
16:52:41.0839 4124 [ 478D9A1E760F9089DE19925616689F0D ] PinnacleSys.MediaServer D:\Programme\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
16:52:41.0839 4124 PinnacleSys.MediaServer ( UnsignedFile.Multi.Generic ) - warning
16:52:41.0839 4124 PinnacleSys.MediaServer - detected UnsignedFile.Multi.Generic (1)
16:52:41.0855 4124 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay D:\WINDOWS\system32\services.exe
16:52:41.0855 4124 PlugPlay - ok
16:52:41.0870 4124 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent D:\WINDOWS\system32\lsass.exe
16:52:41.0933 4124 PolicyAgent - ok
16:52:41.0948 4124 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport D:\WINDOWS\system32\DRIVERS\raspptp.sys
16:52:42.0042 4124 PptpMiniport - ok
16:52:42.0042 4124 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor D:\WINDOWS\system32\DRIVERS\processr.sys
16:52:42.0120 4124 Processor - ok
16:52:42.0120 4124 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage D:\WINDOWS\system32\lsass.exe
16:52:42.0198 4124 ProtectedStorage - ok
16:52:42.0198 4124 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched D:\WINDOWS\system32\DRIVERS\psched.sys
16:52:42.0292 4124 PSched - ok
16:52:42.0292 4124 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink D:\WINDOWS\system32\DRIVERS\ptilink.sys
16:52:42.0402 4124 Ptilink - ok
16:52:42.0417 4124 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 D:\WINDOWS\system32\Drivers\PxHelp20.sys
16:52:42.0433 4124 PxHelp20 - ok
16:52:42.0433 4124 ql1080 - ok
16:52:42.0448 4124 Ql10wnt - ok
16:52:42.0448 4124 ql12160 - ok
16:52:42.0448 4124 ql1240 - ok
16:52:42.0448 4124 ql1280 - ok
16:52:42.0464 4124 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd D:\WINDOWS\system32\DRIVERS\rasacd.sys
16:52:42.0558 4124 RasAcd - ok
16:52:42.0589 4124 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto D:\WINDOWS\System32\rasauto.dll
16:52:42.0667 4124 RasAuto - ok
16:52:42.0698 4124 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda D:\WINDOWS\system32\DRIVERS\rasirda.sys
16:52:42.0730 4124 Rasirda - ok
16:52:42.0730 4124 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp D:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:52:42.0808 4124 Rasl2tp - ok
16:52:42.0839 4124 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan D:\WINDOWS\System32\rasmans.dll
16:52:42.0917 4124 RasMan - ok
16:52:42.0933 4124 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe D:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:52:42.0995 4124 RasPppoe - ok
16:52:43.0011 4124 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti D:\WINDOWS\system32\DRIVERS\raspti.sys
16:52:43.0120 4124 Raspti - ok
16:52:43.0136 4124 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss D:\WINDOWS\system32\DRIVERS\rdbss.sys
16:52:43.0198 4124 Rdbss - ok
16:52:43.0214 4124 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD D:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:52:43.0308 4124 RDPCDD - ok
16:52:43.0339 4124 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD D:\WINDOWS\system32\drivers\RDPWD.sys
16:52:43.0386 4124 RDPWD - ok
16:52:43.0402 4124 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr D:\WINDOWS\system32\sessmgr.exe
16:52:43.0480 4124 RDSessMgr - ok
16:52:43.0495 4124 [ ED761D453856F795A7FE056E42C36365 ] redbook D:\WINDOWS\system32\DRIVERS\redbook.sys
16:52:43.0589 4124 redbook - ok
16:52:43.0605 4124 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess D:\WINDOWS\System32\mprdim.dll
16:52:43.0683 4124 RemoteAccess - ok
16:52:43.0683 4124 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator D:\WINDOWS\system32\locator.exe
16:52:43.0761 4124 RpcLocator - ok
16:52:43.0777 4124 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs D:\WINDOWS\system32\rpcss.dll
16:52:43.0808 4124 RpcSs - ok
16:52:43.0839 4124 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP D:\WINDOWS\system32\rsvp.exe
16:52:43.0933 4124 RSVP - ok
16:52:43.0948 4124 [ E10F6C9BD09D8DAE26E29D52C65E6E0F ] RTL8023xp D:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
16:52:43.0995 4124 RTL8023xp - ok
16:52:44.0011 4124 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs D:\WINDOWS\system32\lsass.exe
16:52:44.0089 4124 SamSs - ok
16:52:44.0089 4124 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr D:\WINDOWS\System32\SCardSvr.exe
16:52:44.0167 4124 SCardSvr - ok
16:52:44.0198 4124 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule D:\WINDOWS\system32\schedsvc.dll
16:52:44.0277 4124 Schedule - ok
16:52:44.0292 4124 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv D:\WINDOWS\system32\DRIVERS\secdrv.sys
16:52:44.0370 4124 Secdrv - ok
16:52:44.0417 4124 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon D:\WINDOWS\System32\seclogon.dll
16:52:44.0495 4124 seclogon - ok
16:52:44.0511 4124 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS D:\WINDOWS\system32\sens.dll
16:52:44.0589 4124 SENS - ok
16:52:44.0589 4124 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum D:\WINDOWS\system32\DRIVERS\serenum.sys
16:52:44.0667 4124 serenum - ok
16:52:44.0667 4124 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial D:\WINDOWS\system32\DRIVERS\serial.sys
16:52:44.0745 4124 Serial - ok
16:52:44.0777 4124 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy D:\WINDOWS\system32\drivers\Sfloppy.sys
16:52:44.0855 4124 Sfloppy - ok
16:52:44.0870 4124 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess D:\WINDOWS\System32\ipnathlp.dll
16:52:44.0948 4124 SharedAccess - ok
16:52:44.0964 4124 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection D:\WINDOWS\System32\shsvcs.dll
16:52:44.0964 4124 ShellHWDetection - ok
16:52:44.0980 4124 Simbad - ok
16:52:45.0089 4124 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:52:45.0214 4124 Skype C2C Service - ok
16:52:45.0245 4124 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate D:\Programme\Skype\Updater\Updater.exe
16:52:45.0261 4124 SkypeUpdate - ok
16:52:45.0277 4124 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP D:\WINDOWS\system32\DRIVERS\SLIP.sys
16:52:45.0355 4124 SLIP - ok
16:52:45.0402 4124 [ FFD9B64DB2CD7B74B766C3A8452A5816 ] snapman D:\WINDOWS\system32\DRIVERS\snapman.sys
16:52:45.0417 4124 snapman - ok
16:52:45.0620 4124 [ ABFB29E31DCDE97E04A4568F8F249CA1 ] SNP2STD D:\WINDOWS\system32\DRIVERS\snp2sxp.sys
16:52:45.0980 4124 SNP2STD ( UnsignedFile.Multi.Generic ) - warning
16:52:45.0980 4124 SNP2STD - detected UnsignedFile.Multi.Generic (1)
16:52:45.0995 4124 Sparrow - ok
16:52:46.0042 4124 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter D:\WINDOWS\system32\drivers\splitter.sys
16:52:46.0120 4124 splitter - ok
16:52:46.0152 4124 [ 60784F891563FB1B767F70117FC2428F ] Spooler D:\WINDOWS\system32\spoolsv.exe
16:52:46.0198 4124 Spooler - ok
16:52:46.0214 4124 [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$PINNACLESYS D:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE
16:52:46.0230 4124 SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - warning
16:52:46.0230 4124 SQLAgent$PINNACLESYS - detected UnsignedFile.Multi.Generic (1)
16:52:46.0245 4124 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr D:\WINDOWS\system32\DRIVERS\sr.sys
16:52:46.0323 4124 sr - ok
16:52:46.0323 4124 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice D:\WINDOWS\system32\srsvc.dll
16:52:46.0417 4124 srservice - ok
16:52:46.0433 4124 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv D:\WINDOWS\system32\DRIVERS\srv.sys
16:52:46.0480 4124 Srv - ok
16:52:46.0495 4124 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV D:\WINDOWS\System32\ssdpsrv.dll
16:52:46.0573 4124 SSDPSRV - ok
16:52:46.0605 4124 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv D:\WINDOWS\system32\DRIVERS\ssmdrv.sys
16:52:46.0605 4124 ssmdrv - ok
16:52:46.0620 4124 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc D:\WINDOWS\system32\wiaservc.dll
16:52:46.0698 4124 stisvc - ok
16:52:46.0730 4124 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip D:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:52:46.0808 4124 streamip - ok
16:52:46.0823 4124 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum D:\WINDOWS\system32\DRIVERS\swenum.sys
16:52:46.0886 4124 swenum - ok
16:52:46.0902 4124 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi D:\WINDOWS\system32\drivers\swmidi.sys
16:52:46.0980 4124 swmidi - ok
16:52:46.0980 4124 SwPrv - ok
16:52:46.0995 4124 symc810 - ok
16:52:46.0995 4124 symc8xx - ok
16:52:46.0995 4124 sym_hi - ok
16:52:46.0995 4124 sym_u3 - ok
16:52:47.0011 4124 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio D:\WINDOWS\system32\drivers\sysaudio.sys
16:52:47.0105 4124 sysaudio - ok
16:52:47.0120 4124 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog D:\WINDOWS\system32\smlogsvc.exe
16:52:47.0198 4124 SysmonLog - ok
16:52:47.0214 4124 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv D:\WINDOWS\System32\tapisrv.dll
16:52:47.0292 4124 TapiSrv - ok
16:52:47.0339 4124 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip D:\WINDOWS\system32\DRIVERS\tcpip.sys
16:52:47.0355 4124 Tcpip - ok
16:52:47.0386 4124 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE D:\WINDOWS\system32\drivers\TDPIPE.sys
16:52:47.0464 4124 TDPIPE - ok
16:52:47.0511 4124 [ 3630F5B8181554DEECFE2E4252BC4C4C ] tdrpman251 D:\WINDOWS\system32\DRIVERS\tdrpm251.sys
16:52:47.0558 4124 tdrpman251 - ok
16:52:47.0589 4124 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP D:\WINDOWS\system32\drivers\TDTCP.sys
16:52:47.0652 4124 TDTCP - ok
16:52:47.0667 4124 [ 88155247177638048422893737429D9E ] TermDD D:\WINDOWS\system32\DRIVERS\termdd.sys
16:52:47.0730 4124 TermDD - ok
16:52:47.0761 4124 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService D:\WINDOWS\System32\termsrv.dll
16:52:47.0839 4124 TermService - ok
16:52:47.0855 4124 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes D:\WINDOWS\System32\shsvcs.dll
16:52:47.0870 4124 Themes - ok
16:52:47.0886 4124 [ C820BFC70FEB25EC877C49E81CD477C1 ] timounter D:\WINDOWS\system32\DRIVERS\timntr.sys
16:52:47.0917 4124 timounter - ok
16:52:47.0917 4124 TosIde - ok
16:52:47.0933 4124 [ 626504572B175867F30F3215C04B3E2F ] TrkWks D:\WINDOWS\system32\trkwks.dll
16:52:48.0011 4124 TrkWks - ok
16:52:48.0042 4124 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs D:\WINDOWS\system32\drivers\Udfs.sys
16:52:48.0120 4124 Udfs - ok
16:52:48.0136 4124 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper D:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
16:52:48.0136 4124 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
16:52:48.0136 4124 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
16:52:48.0136 4124 ultra - ok
16:52:48.0152 4124 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update D:\WINDOWS\system32\DRIVERS\update.sys
16:52:48.0245 4124 Update - ok
16:52:48.0245 4124 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost D:\WINDOWS\System32\upnphost.dll
16:52:48.0339 4124 upnphost - ok
16:52:48.0370 4124 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS D:\WINDOWS\System32\ups.exe
16:52:48.0464 4124 UPS - ok
16:52:48.0480 4124 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci D:\WINDOWS\system32\DRIVERS\usbehci.sys
16:52:48.0542 4124 usbehci - ok
16:52:48.0558 4124 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub D:\WINDOWS\system32\DRIVERS\usbhub.sys
16:52:48.0636 4124 usbhub - ok
16:52:48.0636 4124 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci D:\WINDOWS\system32\DRIVERS\usbohci.sys
16:52:48.0698 4124 usbohci - ok
16:52:48.0745 4124 [ CAAD3467FBFAE8A380F67E9C7150A85E ] usbsermpt D:\WINDOWS\system32\DRIVERS\usbsermpt.sys
16:52:48.0745 4124 usbsermpt ( UnsignedFile.Multi.Generic ) - warning
16:52:48.0745 4124 usbsermpt - detected UnsignedFile.Multi.Generic (1)
16:52:48.0777 4124 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:52:48.0855 4124 USBSTOR - ok
16:52:48.0870 4124 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave D:\WINDOWS\System32\drivers\vga.sys
16:52:48.0933 4124 VgaSave - ok
16:52:48.0948 4124 ViaIde - ok
16:52:48.0948 4124 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap D:\WINDOWS\system32\drivers\VolSnap.sys
16:52:49.0027 4124 VolSnap - ok
16:52:49.0042 4124 [ 68F106273BE29E7B7EF8266977268E78 ] VSS D:\WINDOWS\System32\vssvc.exe
16:52:49.0120 4124 VSS - ok
16:52:49.0152 4124 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time D:\WINDOWS\system32\w32time.dll
16:52:49.0230 4124 W32Time - ok
16:52:49.0230 4124 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp D:\WINDOWS\system32\DRIVERS\wanarp.sys
16:52:49.0308 4124 Wanarp - ok
16:52:49.0339 4124 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 D:\WINDOWS\system32\DRIVERS\Wdf01000.sys
16:52:49.0370 4124 Wdf01000 - ok
16:52:49.0370 4124 WDICA - ok
16:52:49.0417 4124 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud D:\WINDOWS\system32\drivers\wdmaud.sys
16:52:49.0495 4124 wdmaud - ok
16:52:49.0527 4124 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient D:\WINDOWS\System32\webclnt.dll
16:52:49.0605 4124 WebClient - ok
16:52:49.0667 4124 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt D:\WINDOWS\system32\wbem\WMIsvc.dll
16:52:49.0745 4124 winmgmt - ok
16:52:49.0777 4124 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN D:\WINDOWS\system32\MsPMSNSv.dll
16:52:49.0839 4124 WmdmPmSN - ok
16:52:49.0855 4124 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv D:\WINDOWS\system32\wbem\wmiapsrv.exe
16:52:49.0933 4124 WmiApSrv - ok
16:52:49.0980 4124 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc D:\Programme\Windows Media Player\WMPNetwk.exe
16:52:50.0027 4124 WMPNetworkSvc - ok
16:52:50.0089 4124 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:52:50.0120 4124 WPFFontCache_v0400 - ok
16:52:50.0152 4124 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc D:\WINDOWS\system32\wscsvc.dll
16:52:50.0230 4124 wscsvc - ok
16:52:50.0245 4124 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:52:50.0339 4124 WSTCODEC - ok
16:52:50.0339 4124 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv D:\WINDOWS\system32\wuauserv.dll
16:52:50.0433 4124 wuauserv - ok
16:52:50.0433 4124 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf D:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:52:50.0464 4124 WudfPf - ok
16:52:50.0480 4124 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd D:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:52:50.0480 4124 WudfRd - ok
16:52:50.0527 4124 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc D:\WINDOWS\System32\WUDFSvc.dll
16:52:50.0542 4124 WudfSvc - ok
16:52:50.0573 4124 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC D:\WINDOWS\System32\wzcsvc.dll
16:52:50.0652 4124 WZCSVC - ok
16:52:50.0683 4124 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov D:\WINDOWS\System32\xmlprov.dll
16:52:50.0761 4124 xmlprov - ok
16:52:50.0823 4124 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService D:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:52:50.0839 4124 YahooAUService - ok
16:52:50.0855 4124 ================ Scan global ===============================
16:52:50.0870 4124 [ 2C60091CA5F67C3032EAB3B30390C27F ] D:\WINDOWS\system32\basesrv.dll
16:52:50.0902 4124 [ A28CE25B59C90E12743001A1F2AE3613 ] D:\WINDOWS\system32\winsrv.dll
16:52:50.0917 4124 [ A28CE25B59C90E12743001A1F2AE3613 ] D:\WINDOWS\system32\winsrv.dll
16:52:50.0933 4124 [ A3EDBE9053889FB24AB22492472B39DC ] D:\WINDOWS\system32\services.exe
16:52:50.0933 4124 [Global] - ok
16:52:50.0933 4124 ================ Scan MBR ==================================
16:52:50.0948 4124 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
16:52:51.0230 4124 \Device\Harddisk0\DR0 - ok
16:52:51.0230 4124 ================ Scan VBR ==================================
16:52:51.0230 4124 [ 3369F50FBBF4547D73B4C66F861B1205 ] \Device\Harddisk0\DR0\Partition1
16:52:51.0230 4124 \Device\Harddisk0\DR0\Partition1 - ok
16:52:51.0230 4124 [ C4F4B20A418358C03A165F6E8D54A748 ] \Device\Harddisk0\DR0\Partition2
16:52:51.0230 4124 \Device\Harddisk0\DR0\Partition2 - ok
16:52:51.0245 4124 [ E2BF2182EB0D30D68A58587B5A30038F ] \Device\Harddisk0\DR0\Partition3
16:52:51.0261 4124 \Device\Harddisk0\DR0\Partition3 - ok
16:52:51.0261 4124 ============================================================
16:52:51.0261 4124 Scan finished
16:52:51.0261 4124 ============================================================
16:52:51.0370 5480 Detected object count: 19
16:52:51.0370 5480 Actual detected object count: 19
16:53:52.0042 5480 ASAPIW2K ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0042 5480 ASAPIW2K ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0042 5480 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0042 5480 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0058 5480 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0058 5480 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0058 5480 InCDfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0058 5480 InCDfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0058 5480 InCDPass ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0058 5480 InCDPass ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0058 5480 InCDrec ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0058 5480 InCDrec ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0058 5480 incdrm ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0058 5480 incdrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0058 5480 InCDsrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0058 5480 InCDsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0058 5480 IwUSB ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0058 5480 IwUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0073 5480 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0073 5480 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0073 5480 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0073 5480 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0073 5480 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0073 5480 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0073 5480 PCLEPCI ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0073 5480 PCLEPCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0073 5480 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0073 5480 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0073 5480 PinnacleSys.MediaServer ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0073 5480 PinnacleSys.MediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0073 5480 SNP2STD ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0073 5480 SNP2STD ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0073 5480 SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0073 5480 SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0073 5480 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0073 5480 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:52.0089 5480 usbsermpt ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:52.0089 5480 usbsermpt ( UnsignedFile.Multi.Generic ) - User select action: Skip
Geändert von Vorlone (03.10.2012 um 16:16 Uhr) |
|
03.10.2012, 19:37
| #36 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | chatZum und searchsafer.com unerwünscht von softonic Spybot ist eh fast wirklungslos, beschränke dich auf vernünftige Sicherheitsmaßnahmen und max. einem Virenscanner plus Malwarebytes - mehr an Software ist völlig übertrieben! Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ --> chatZum und searchsafer.com unerwünscht von softonic |
Linear-Darstellung
