
Pests of all kinds and how to combat them: EXP/CVE-2012-1723.A.300 and EXP/2012-1723.FO.2


05.10.2012, 15:24   #31
TimdZ

Too bad... that wasn't it either...
I'm now at 20 min. boot time.
Is there actually a boot scanner that records what is happening there?
Would it make sense to check the hard disk?
The last time everything ran really fast was right after Combofix.

Best regards
Tim

05.10.2012, 17:11   #32
schrauber
/// the machine
/// TB instructor

Please delete Combofix if it is still there, download a new version, run it and post the logfile.

05.10.2012, 19:12   #33
TimdZ

Hello schrauber,

here is the current Combofix logfile:

Code:
ComboFix 12-10-04.02 - USERNAME 05.10.2012  19:48:11.2.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2038.939 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\USERNAME\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-09-05 bis 2012-10-05  ))))))))))))))))))))))))))))))
.
.
2012-10-04 20:16 . 2008-04-14 01:22	116736	----a-w-	c:\windows\system32\dllcache\xrxwiadr.dll
2012-10-04 20:16 . 2001-08-18 02:54	23040	----a-w-	c:\windows\system32\dllcache\xrxwbtmp.dll
2012-10-04 20:16 . 2008-04-14 01:22	19456	----a-w-	c:\windows\system32\dllcache\xrxscnui.dll
2012-10-04 20:16 . 2001-08-18 02:55	27648	----a-w-	c:\windows\system32\dllcache\xrxftplt.exe
2012-10-04 20:16 . 2001-08-18 02:55	4608	----a-w-	c:\windows\system32\dllcache\xrxflnch.exe
2012-10-04 20:16 . 2001-08-18 02:55	99865	----a-w-	c:\windows\system32\dllcache\xlog.exe
2012-10-04 20:16 . 2001-08-17 10:11	16970	----a-w-	c:\windows\system32\dllcache\xem336n5.sys
2012-10-04 20:16 . 2004-08-03 20:29	19455	----a-w-	c:\windows\system32\dllcache\wvchntxx.sys
2012-10-04 20:16 . 2004-08-03 20:29	12063	----a-w-	c:\windows\system32\dllcache\wsiintxx.sys
2012-10-04 20:14 . 2004-08-03 20:31	154624	----a-w-	c:\windows\system32\dllcache\wlluc48.sys
2012-10-04 20:14 . 2001-08-18 02:24	35402	----a-w-	c:\windows\system32\dllcache\wlandrv2.sys
2012-10-04 20:14 . 2001-08-17 11:28	771581	----a-w-	c:\windows\system32\dllcache\winacisa.sys
2012-10-04 20:14 . 2001-08-18 02:54	54272	----a-w-	c:\windows\system32\dllcache\wiamsmud.dll
2012-10-04 20:14 . 2001-08-18 02:54	87040	----a-w-	c:\windows\system32\dllcache\wiafbdrv.dll
2012-10-04 20:14 . 2001-08-17 11:28	701386	----a-w-	c:\windows\system32\dllcache\wdhaalba.sys
2012-10-04 20:14 . 2004-08-03 20:29	23615	----a-w-	c:\windows\system32\dllcache\wch7xxnt.sys
2012-10-04 20:14 . 2008-04-14 00:52	32000	----a-w-	c:\windows\system32\dllcache\wceusbsh.sys
2012-10-04 20:14 . 2001-08-17 10:10	35871	----a-w-	c:\windows\system32\dllcache\wbfirdma.sys
2012-10-04 20:12 . 2001-08-17 11:28	687999	----a-w-	c:\windows\system32\dllcache\usrwdxjs.sys
2012-10-04 20:12 . 2001-08-17 11:28	765884	----a-w-	c:\windows\system32\dllcache\usrti.sys
2012-10-04 20:12 . 2001-08-17 11:28	113762	----a-w-	c:\windows\system32\dllcache\usrpda.sys
2012-10-04 20:12 . 2001-08-17 11:28	7556	----a-w-	c:\windows\system32\dllcache\usroslba.sys
2012-10-04 20:12 . 2001-08-17 11:28	224802	----a-w-	c:\windows\system32\dllcache\usr1807a.sys
2012-10-04 20:12 . 2001-08-17 11:28	794399	----a-w-	c:\windows\system32\dllcache\usr1806v.sys
2012-10-04 20:12 . 2001-08-17 11:28	793598	----a-w-	c:\windows\system32\dllcache\usr1806.sys
2012-10-04 20:12 . 2001-08-17 11:28	794654	----a-w-	c:\windows\system32\dllcache\usr1801.sys
2012-10-04 20:12 . 2008-04-13 17:45	17152	----a-w-	c:\windows\system32\dllcache\usbohci.sys
2012-10-04 20:12 . 2008-04-13 17:45	60032	----a-w-	c:\windows\system32\dllcache\usbaudio.sys
2012-10-04 20:12 . 2004-08-03 22:43	32384	----a-w-	c:\windows\system32\dllcache\usb101et.sys
2012-10-04 20:12 . 2001-08-18 02:54	94720	----a-w-	c:\windows\system32\dllcache\umaxud32.dll
2012-10-04 20:12 . 2001-08-18 02:54	28672	----a-w-	c:\windows\system32\dllcache\umaxu40.dll
2012-10-04 20:10 . 2001-08-18 02:52	315520	----a-w-	c:\windows\system32\dllcache\trid3d.dll
2012-10-04 20:10 . 2001-08-17 10:12	34375	----a-w-	c:\windows\system32\dllcache\tpro4.sys
2012-10-04 20:10 . 2001-08-18 02:52	43520	----a-w-	c:\windows\system32\dllcache\tp4res.dll
2012-10-04 20:10 . 2008-04-14 01:23	82944	----a-w-	c:\windows\system32\dllcache\tp4mon.exe
2012-10-04 20:10 . 2001-08-18 02:54	31744	----a-w-	c:\windows\system32\dllcache\tp4.dll
2012-10-04 20:10 . 2001-08-17 12:02	230912	----a-w-	c:\windows\system32\dllcache\tosdvd03.sys
2012-10-04 20:10 . 2001-08-17 12:01	241664	----a-w-	c:\windows\system32\dllcache\tosdvd02.sys
2012-10-04 20:10 . 2001-08-17 10:10	28232	----a-w-	c:\windows\system32\dllcache\tos4mo.sys
2012-10-04 20:10 . 2001-08-17 10:14	123995	----a-w-	c:\windows\system32\dllcache\tjisdn.sys
2012-10-04 20:10 . 2001-08-17 10:51	138528	----a-w-	c:\windows\system32\dllcache\tgiulnt5.sys
2012-10-04 20:10 . 2001-08-18 02:52	81408	----a-w-	c:\windows\system32\dllcache\tgiul50.dll
2012-10-04 20:10 . 2008-04-13 17:40	149376	----a-w-	c:\windows\system32\dllcache\tffsport.sys
2012-10-04 20:09 . 2001-08-17 10:13	17129	----a-w-	c:\windows\system32\dllcache\tdkcd31.sys
2012-10-04 20:09 . 2001-08-17 10:13	37961	----a-w-	c:\windows\system32\dllcache\tdk100b.sys
2012-10-04 20:09 . 2001-08-17 11:49	30464	----a-w-	c:\windows\system32\dllcache\tbatm155.sys
2012-10-04 20:09 . 2001-08-17 11:52	7040	----a-w-	c:\windows\system32\dllcache\tandqic.sys
2012-10-04 20:09 . 2001-08-17 10:50	36640	----a-w-	c:\windows\system32\dllcache\t2r4mini.sys
2012-10-04 20:09 . 2001-08-18 02:52	172768	----a-w-	c:\windows\system32\dllcache\t2r4disp.dll
2012-10-04 20:09 . 2001-08-18 02:54	94293	----a-w-	c:\windows\system32\dllcache\sxports.dll
2012-10-04 20:09 . 2001-08-17 11:50	103936	----a-w-	c:\windows\system32\dllcache\sx.sys
2012-10-04 20:09 . 2001-08-17 12:02	3968	----a-w-	c:\windows\system32\dllcache\swusbflt.sys
2012-10-04 20:09 . 2001-08-18 02:54	10240	----a-w-	c:\windows\system32\dllcache\swpidflt.dll
2012-10-04 20:09 . 2001-08-18 02:54	10240	----a-w-	c:\windows\system32\dllcache\swpdflt2.dll
2012-10-04 20:09 . 2001-08-18 02:54	53760	----a-w-	c:\windows\system32\dllcache\sw_wheel.dll
2012-10-04 20:08 . 2001-08-18 02:54	41472	----a-w-	c:\windows\system32\dllcache\sw_effct.dll
2012-10-04 20:08 . 2001-08-18 02:54	159744	----a-w-	c:\windows\system32\dllcache\stlnprop.dll
2012-10-04 20:08 . 2001-08-18 02:54	53248	----a-w-	c:\windows\system32\dllcache\stlncoin.dll
2012-10-04 20:08 . 2001-08-18 02:18	287232	----a-w-	c:\windows\system32\dllcache\stlnata.sys
2012-10-04 20:08 . 2001-08-18 02:18	17152	----a-w-	c:\windows\system32\dllcache\stcusb.sys
2012-10-04 20:08 . 2001-08-17 10:11	48736	----a-w-	c:\windows\system32\dllcache\srwlnd5.sys
2012-10-04 20:08 . 2001-08-18 02:54	99328	----a-w-	c:\windows\system32\dllcache\srusd.dll
2012-10-04 20:08 . 2001-08-18 02:54	24660	----a-w-	c:\windows\system32\dllcache\spxupchk.dll
2012-10-04 20:08 . 2001-08-17 11:51	61824	----a-w-	c:\windows\system32\dllcache\speed.sys
2012-10-04 20:08 . 2001-08-18 02:54	110680	----a-w-	c:\windows\system32\dllcache\spdports.dll
2012-10-04 20:07 . 2001-08-17 10:51	37040	----a-w-	c:\windows\system32\dllcache\sonypi.sys
2012-10-04 20:07 . 2001-08-18 02:54	114688	----a-w-	c:\windows\system32\dllcache\sonypi.dll
2012-10-04 20:07 . 2001-08-17 10:51	20752	----a-w-	c:\windows\system32\dllcache\sonync.sys
2012-10-04 20:07 . 2001-08-17 11:53	9600	----a-w-	c:\windows\system32\dllcache\sonymc.sys
2012-10-04 20:07 . 2008-04-13 17:40	7552	----a-w-	c:\windows\system32\dllcache\sonyait.sys
2012-10-04 20:07 . 2001-08-17 11:53	7040	----a-w-	c:\windows\system32\dllcache\snyaitmc.sys
2012-10-04 20:07 . 2001-08-17 10:51	58368	----a-w-	c:\windows\system32\dllcache\smiminib.sys
2012-10-04 20:07 . 2001-08-18 02:52	147200	----a-w-	c:\windows\system32\dllcache\smidispb.dll
2012-10-04 20:07 . 2001-08-17 10:12	25034	----a-w-	c:\windows\system32\dllcache\smcpwr2n.sys
2012-10-04 20:07 . 2001-08-18 02:35	35913	----a-w-	c:\windows\system32\dllcache\smcirda.sys
2012-10-04 20:05 . 2001-08-17 10:50	68608	----a-w-	c:\windows\system32\dllcache\sis6306p.sys
2012-10-04 20:05 . 2001-08-18 02:52	252032	----a-w-	c:\windows\system32\dllcache\sis300iv.dll
2012-10-04 20:05 . 2001-08-17 10:50	101760	----a-w-	c:\windows\system32\dllcache\sis300ip.sys
2012-10-04 20:05 . 2001-08-18 02:35	161888	----a-w-	c:\windows\system32\dllcache\sgsmusb.sys
2012-10-04 20:05 . 2001-07-21 12:29	18400	----a-w-	c:\windows\system32\dllcache\sgsmld.sys
2012-10-04 20:05 . 2001-08-17 10:51	98080	----a-w-	c:\windows\system32\dllcache\sgiulnt5.sys
2012-10-04 20:05 . 2001-08-18 02:52	386560	----a-w-	c:\windows\system32\dllcache\sgiul50.dll
2012-10-04 20:05 . 2001-08-17 10:19	36480	----a-w-	c:\windows\system32\dllcache\sfmanm.sys
2012-10-04 20:03 . 2001-08-18 02:52	198400	----a-w-	c:\windows\system32\dllcache\s3sav4.dll
2012-10-04 20:02 . 2001-08-17 10:19	3840	----a-w-	c:\windows\system32\dllcache\rpfun.sys
2012-10-04 20:02 . 2008-04-14 00:53	79360	----a-w-	c:\windows\system32\dllcache\rocket.sys
2012-10-04 20:02 . 2001-08-17 10:12	37563	----a-w-	c:\windows\system32\dllcache\rlnet5.sys
2012-10-04 20:02 . 2001-08-18 02:54	86097	----a-w-	c:\windows\system32\dllcache\reslog32.dll
2012-10-04 20:02 . 2001-08-18 02:33	715242	----a-w-	c:\windows\system32\dllcache\r2mdmkxx.sys
2012-10-04 20:02 . 2001-08-18 02:33	899658	----a-w-	c:\windows\system32\dllcache\r2mdkxga.sys
2012-10-04 20:02 . 2001-08-18 02:54	41472	----a-w-	c:\windows\system32\dllcache\qvusd.dll
2012-10-04 20:02 . 2001-08-17 11:53	3328	----a-w-	c:\windows\system32\dllcache\qv2kux.sys
2012-10-04 20:00 . 2001-08-18 02:54	121344	----a-w-	c:\windows\system32\dllcache\phvfwext.dll
2012-10-04 19:59 . 2004-08-03 20:31	29502	----a-w-	c:\windows\system32\dllcache\pca200e.sys
2012-10-04 19:58 . 2001-08-17 10:50	198144	----a-w-	c:\windows\system32\dllcache\nv3.sys
2012-10-04 19:58 . 2001-08-18 02:52	123776	----a-w-	c:\windows\system32\dllcache\nv3.dll
2012-10-04 19:58 . 2001-08-17 10:49	51552	----a-w-	c:\windows\system32\dllcache\ntgrip.sys
2012-10-04 19:58 . 2001-08-18 02:27	9472	----a-w-	c:\windows\system32\dllcache\ntapm.sys
2012-10-04 19:58 . 2001-08-17 11:53	7552	----a-w-	c:\windows\system32\dllcache\nsmmc.sys
2012-10-04 19:58 . 2001-08-17 10:20	87040	----a-w-	c:\windows\system32\dllcache\nm6wdm.sys
2012-10-04 19:58 . 2001-08-17 10:20	126080	----a-w-	c:\windows\system32\dllcache\nm5a2wdm.sys
2012-10-04 19:57 . 2001-08-17 10:12	32840	----a-w-	c:\windows\system32\dllcache\ngrpci.sys
2012-10-04 19:57 . 2004-08-03 22:49	132695	----a-w-	c:\windows\system32\dllcache\netwlan5.sys
2012-10-04 19:57 . 2001-08-18 02:26	65406	----a-w-	c:\windows\system32\dllcache\netflx3.sys
2012-10-04 19:57 . 2001-08-17 10:50	39264	----a-w-	c:\windows\system32\dllcache\neo20xx.sys
2012-10-04 19:57 . 2001-08-18 02:52	60480	----a-w-	c:\windows\system32\dllcache\neo20xx.dll
2012-10-04 19:57 . 2001-08-17 11:49	15872	----a-w-	c:\windows\system32\dllcache\ne2000.sys
2012-10-04 19:57 . 2001-08-18 02:52	91488	----a-w-	c:\windows\system32\dllcache\n9i3disp.dll
2012-10-04 19:57 . 2001-08-17 10:50	27936	----a-w-	c:\windows\system32\dllcache\n9i3d.sys
2012-10-04 19:57 . 2001-08-17 10:50	33088	----a-w-	c:\windows\system32\dllcache\n9i128v2.sys
2012-10-04 19:57 . 2001-08-18 02:52	59104	----a-w-	c:\windows\system32\dllcache\n9i128v2.dll
2012-10-04 19:57 . 2001-08-17 10:50	13664	----a-w-	c:\windows\system32\dllcache\n9i128.sys
2012-10-04 19:57 . 2001-08-18 02:52	35392	----a-w-	c:\windows\system32\dllcache\n9i128.dll
2012-10-04 19:56 . 2001-08-18 02:25	130048	----a-w-	c:\windows\system32\dllcache\n100325.sys
2012-10-04 19:56 . 2001-08-18 02:25	53279	----a-w-	c:\windows\system32\dllcache\n1000nt5.sys
2012-10-04 19:56 . 2001-08-18 02:25	76288	----a-w-	c:\windows\system32\dllcache\mxport.sys
2012-10-04 19:56 . 2001-08-18 02:54	7168	----a-w-	c:\windows\system32\dllcache\mxport.dll
2012-10-04 19:56 . 2001-08-17 11:49	19968	----a-w-	c:\windows\system32\dllcache\mxnic.sys
2012-10-04 19:56 . 2001-08-18 02:54	20480	----a-w-	c:\windows\system32\dllcache\mxicfg.dll
2012-10-04 19:56 . 2001-08-18 02:25	22144	----a-w-	c:\windows\system32\dllcache\mxcard.sys
2012-10-04 19:56 . 2001-08-17 10:50	103296	----a-w-	c:\windows\system32\dllcache\mtxvideo.sys
2012-10-04 19:56 . 2008-04-13 17:46	49024	----a-w-	c:\windows\system32\dllcache\mstape.sys
2012-10-04 19:56 . 2001-08-17 11:48	12416	----a-w-	c:\windows\system32\dllcache\msriffwv.sys
2012-10-04 19:55 . 2001-08-17 12:00	2944	----a-w-	c:\windows\system32\dllcache\msmpu401.sys
2012-10-04 19:55 . 2001-08-17 12:02	35200	----a-w-	c:\windows\system32\dllcache\msgame.sys
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-31 14:54 . 2012-08-31 14:55	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-08-31 14:54 . 2012-06-16 04:47	143872	----a-w-	c:\windows\system32\javacpl.cpl
2012-08-31 14:54 . 2012-06-16 04:47	821736	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-08-31 14:54 . 2010-05-13 08:58	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-08-28 15:05 . 2007-12-07 01:06	916992	----a-w-	c:\windows\system32\wininet.dll
2012-08-28 15:05 . 2004-08-04 04:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2012-08-28 15:05 . 2004-08-04 04:00	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-04 04:00	385024	----a-w-	c:\windows\system32\html.iec
2012-08-22 19:53 . 2012-03-29 12:35	696520	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-08-22 19:53 . 2011-05-30 13:42	73416	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-08 07:11 . 2011-10-07 12:37	266720	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06	163328	--sha-r-	c:\windows\system32\flvDX.dll
2007-02-21 11:47	31232	--sha-r-	c:\windows\system32\msfDX.dll
2008-03-16 13:30	216064	--sha-r-	c:\windows\system32\nbDX.dll
2010-01-06 22:00	107520	--sha-r-	c:\windows\system32\TAKDSDecoder.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-11-21 17:34 . C3A2915C71AE6F225EB906C25CCD29B5 . 24064 . . [1.0.0.5] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-11-21 17:34 . C3A2915C71AE6F225EB906C25CCD29B5 . 24064 . . [1.0.0.5] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-04 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12	121528	----a-w-	c:\programme\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\programme\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-07-04 475136]
"SynTPStart"="c:\programme\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-07-03 252848]
"StarteLock"="c:\acer\Empowering Technology\eLock\Service\startelock.exe" [2008-04-30 24576]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-09-17 614400]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-28 16132608]
"preload"="c:\windows\RUNXMLPL.exe" [2007-04-21 20480]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-13 138008]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 858632]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"IJNetworkScanUtility"="c:\programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-06-17 128608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 142104]
"IAAnotif"="c:\programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 162584]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2007-07-11 421888]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2008-01-07 343552]
"CanonSolutionMenu"="c:\programme\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\programme\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"AzMixerSel"="c:\programme\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"Acrobat Assistant 7.0"="c:\programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2007-03-02 208896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-11-21 24064]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
WinColor.exe.lnk - c:\programme\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColor.exe [2005-10-31 371456]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Scrabblev2_0\\Scrabble v2.0.exe"=
"c:\\Programme\\Opera\\opera.exe"=
"c:\\Programme\\FRITZ!\\FriFax32.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programme\\FRITZ!DSL\\IGDCTRL.EXE"=
"c:\\Programme\\FRITZ!DSL\\FBOXUPD.EXE"=
"c:\\Programme\\FRITZ!DSL\\WebwaIgd.exe"=
"c:\\Dokumente und Einstellungen\\USERNAME\\Lokale Einstellungen\\Apps\\2.0\\GLXC4G2V.YVY\\67Q04YGR.6LT\\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\\fritzbox-usb-fernanschluss.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Programme\\Synology\\Assistant\\DSAssistant.exe"=
"c:\\Programme\\Synology Data Replicator  3\\Backup.exe"=
"c:\\Programme\\devolo\\dlan\\devolonetsvc.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
.
R0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys [11.03.2010 10:36 13184]
R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [16.01.2010 18:01 40560]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [03.10.2012 21:31 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [03.10.2012 21:31 355632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [03.10.2012 21:31 21256]
R2 DevoloNetworkService;devolo Network Service;c:\programme\devolo\dlan\devolonetsvc.exe [19.07.2010 20:57 3304768]
R2 IGDCTRL;AVM IGD CTRL Service;c:\programme\FRITZ!DSL\IGDCTRL.EXE [28.07.2009 17:07 73528]
R2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\system32\drivers\npf_devolo.sys [10.06.2010 14:32 35840]
R2 UsbClientService;UsbClientService;c:\programme\Synology\Assistant\UsbClientService.exe [18.02.2011 08:18 245760]
R3 busenum;Synology Virtual USB Hub;c:\windows\system32\drivers\busenum.sys [18.02.2011 08:20 46304]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [29.01.2012 22:52 72832]
R3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;c:\windows\system32\drivers\vodafone_K3805-z_dc_enum.sys [01.09.2010 15:33 80000]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [23.01.2010 14:51 135664]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\programme\Cobian Backup 10\cbVSCService.exe [16.01.2012 16:17 67584]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [23.01.2010 14:51 135664]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [15.07.2009 09:23 7680]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [25.04.2012 08:00 114144]
S3 PLCMPR5;PLCMPR5 NDIS Protocol Driver;\??\c:\windows\system32\PLCMPR5.SYS --> c:\windows\system32\PLCMPR5.SYS [?]
S3 SDTHelper;Helper driver for SDT-Tool;\??\f:\radix_installer1009\sdthlpr.sys --> f:\radix_installer1009\sdthlpr.sys [?]
S3 SynoDrService;SynoDrService;c:\programme\Synology Data Replicator  3\SynoDrService.exe [17.10.2011 21:50 245760]
S3 VmbService;Vodafone-Mobile-Broadband-Dienst;c:\programme\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [19.04.2011 17:12 9216]
S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [15.07.2009 09:24 114688]
S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\zteusbvoice.sys [15.07.2009 09:24 105856]
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2012-10-05 c:\windows\Tasks\avast! Emergency Update.job
- c:\programme\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-03 09:12]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-01-23 12:51]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-01-23 12:51]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: In vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
LSP: c:\programme\FRITZ!DSL\\sarah.dll
FF - ProfilePath - c:\dokumente und einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-10-05 20:01
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•6~*]
"7040210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]
"7040210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(1032)
c:\programme\FRITZ!DSL\sarah.dll
c:\programme\FRITZ!DSL\block.dll
.
- - - - - - - > 'explorer.exe'(2960)
c:\windows\system32\MSNCHATHOOK.DLL
c:\windows\system32\sysenv.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\MFC71U.DLL
c:\windows\system32\msi.dll
c:\acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Zeit der Fertigstellung: 2012-10-05  20:07:47
ComboFix-quarantined-files.txt  2012-10-05 18:07
.
Vor Suchlauf: 21 Verzeichnis(se), 11.087.486.976 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 11.072.557.056 Bytes frei
.
- - End Of File - - 1F9CE7C994AAD1E7EF20BD67F3EF1614

06.10.2012, 09:16   #34
schrauber
/// the machine
/// TB instructor

Is it running better again now?

Regards,
schrauber


06.10.2012, 10:51   #35
TimdZ

Unfortunately not...
The boot process still takes forever - I was just able to clean two huge windows on the side...

Once the boot process is finished, it does run decently, but until it gets that far...

Do you have another idea?


07.10.2012, 09:33   #36
schrauber
/// the machine
/// TB instructor

Anything on/in the computer? CD, USB stick?

Please post a fresh OTL logfile.

07.10.2012, 18:24   #37
TimdZ

USB stick/CD-ROM, I don't really think so.

Fresh OTL log (Extras.log, many errors)


Code:
OTL logfile created on: 07.10.2012 18:22:16 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\USERNAME\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 65,00% Memory free
3,84 Gb Paging File | 3,18 Gb Available in Paging File | 82,79% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 69,65 Gb Total Space | 9,84 Gb Free Space | 14,14% Space Free | Partition Type: NTFS
Drive D: | 69,64 Gb Total Space | 9,40 Gb Free Space | 13,51% Space Free | Partition Type: NTFS
 
Computer Name: USERNAME_PC | User Name: USERNAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.07 18:20:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\OTL.exe
PRC - [2012.10.06 11:26:52 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\temp\RtkBtMnt.exe
PRC - [2012.09.08 09:11:25 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.08.31 16:54:37 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Programme\Synology\Assistant\UsbClientService.exe
PRC - [2010.12.23 12:41:36 | 003,304,768 | ---- | M] (devolo AG) -- C:\Programme\devolo\dlan\devolonetsvc.exe
PRC - [2009.09.17 12:52:35 | 000,614,400 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.07.28 17:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2008.04.23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.07 17:39:06 | 000,343,552 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2007.10.17 19:59:44 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2007.07.04 12:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007.06.17 13:27:58 | 000,128,608 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2007.06.14 20:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe
PRC - [2007.04.03 18:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007.03.21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.03.21 14:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.03.02 12:25:08 | 000,208,896 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
PRC - [2007.03.01 19:21:52 | 000,024,576 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007.01.17 12:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.07 14:27:20 | 001,815,040 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12100701\algo.dll
MOD - [2012.10.06 20:18:30 | 001,815,040 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12100601\algo.dll
MOD - [2012.09.08 09:11:24 | 002,244,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.06.15 00:32:46 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_adef2e1e\system.drawing.dll
MOD - [2012.06.15 00:32:36 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_392d579f\system.windows.forms.dll
MOD - [2012.06.15 00:32:13 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012.01.08 12:27:42 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_8a1d6637\mscorlib.dll
MOD - [2012.01.08 12:27:17 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_e0117812\system.dll
MOD - [2012.01.08 12:27:06 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012.01.08 12:27:04 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Programme\Synology\Assistant\UsbClientService.exe
MOD - [2009.09.17 12:52:35 | 000,614,400 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
MOD - [2008.06.05 08:58:57 | 000,026,624 | ---- | M] () -- C:\WINDOWS\system32\ssp3ml3.dll
MOD - [2008.03.22 21:38:00 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2008.03.22 21:38:00 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll
MOD - [2007.07.04 12:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
MOD - [2006.01.12 21:20:48 | 001,265,664 | ---- | M] () -- C:\Programme\Adobe\Acrobat 7.0\Distillr\adistres.DEU
MOD - [2006.01.12 21:20:26 | 000,019,968 | ---- | M] () -- C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.DEU
MOD - [2006.01.12 21:13:46 | 000,019,968 | ---- | M] () -- C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.FRA
MOD - [2005.10.20 18:20:24 | 000,208,896 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\DialogDLL.dll
MOD - [2005.10.11 14:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2003.06.07 22:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.09.08 09:11:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.31 16:54:37 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.27 01:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.10.17 21:50:58 | 000,245,760 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Synology Data Replicator  3\SynoDrService.exe -- (SynoDrService)
SRV - [2011.04.19 17:12:22 | 000,009,216 | ---- | M] (Vodafone) [On_Demand | Stopped] -- C:\Programme\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Programme\Synology\Assistant\UsbClientService.exe -- (UsbClientService)
SRV - [2010.12.23 12:41:36 | 003,304,768 | ---- | M] (devolo AG) [Auto | Running] -- C:\Programme\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010.09.23 10:49:08 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [On_Demand | Stopped] -- C:\Programme\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
SRV - [2009.12.04 15:53:42 | 000,065,248 | ---- | M] (Greatis Software (c)) [Auto | Stopped] -- C:\Programme\BootLog XP\BootLogService.exe -- (BootlogService)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.07.28 17:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2007.09.28 17:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.06.14 20:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007.03.21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007.03.01 19:21:52 | 000,024,576 | ---- | M] ( ) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007.01.17 12:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\radix_installer1009\sdthlpr.sys -- (SDTHelper)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PLCMPR5.SYS -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\catchme.sys -- (catchme)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.08.21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.01.29 23:55:13 | 000,013,816 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\WINDOWS\system32\unikey.sys -- (phunter)
DRV - [2012.01.15 23:08:08 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2011.10.07 17:21:06 | 000,066,048 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2011.04.18 16:43:36 | 000,114,688 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2011.04.18 16:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2011.04.18 16:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2011.04.18 16:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2011.04.18 16:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2011.04.18 16:43:26 | 000,072,832 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011.02.18 08:20:08 | 000,046,304 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\busenum.sys -- (busenum)
DRV - [2010.09.01 15:33:12 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2010.06.10 13:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2010.03.11 10:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010.03.11 10:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009.11.10 10:15:52 | 000,385,544 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2009.11.10 10:15:52 | 000,034,392 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2009.11.10 10:15:50 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2009.10.06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.10.06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.04.09 13:38:32 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.03.25 17:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008.03.25 14:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2008.03.19 12:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008.01.22 21:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007.12.10 18:59:36 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.12.10 18:59:36 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2007.12.10 18:59:34 | 000,014,120 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2007.11.29 10:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.10.18 15:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.10.02 12:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.09.21 06:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007.05.30 21:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007.05.02 04:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2007.02.16 16:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006.12.22 20:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006.12.22 20:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006.12.22 20:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.02.20 03:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2005.01.07 06:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2002.04.02 16:30:16 | 000,033,024 | ---- | M] (Colorvision Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cvspydr2.sys -- (cvspydr2)
DRV - [2000.07.24 02:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\BRPAR.SYS -- (BrPar)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {6F2894D0-8492-4C4F-BC43-709280CB71E9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{247AA57F-6A40-4B87-86FF-41F14B1DE46E}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{6F2894D0-8492-4C4F-BC43-709280CB71E9}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: spam@trashmail.net:2.6.2
FF - prefs.js..extensions.enabledAddons: {EDA7B1D7-F793-4e03-B074-E6F303317FB0}:1.2.7
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.9.1
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.6
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1466
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36605
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: spam@trashmail.net:2.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ff-bmboc@bytemobile.com: C:\Programme\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2012.01.29 22:49:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.10.03 21:29:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.08 09:11:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.06.16 06:47:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.05.19 21:50:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2010.01.09 12:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Extensions
[2010.01.09 12:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.10.03 21:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions
[2012.08.05 09:30:19 | 000,217,069 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\spam@trashmail.net.xpi
[2012.09.24 17:40:31 | 000,506,361 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2012.09.28 18:12:25 | 000,529,316 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.10.03 21:35:32 | 000,741,958 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.15 22:34:05 | 000,823,486 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi
[2011.05.03 14:43:50 | 000,091,556 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2012.06.16 06:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.16 06:47:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.03 21:29:49 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMME\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.09.08 09:11:26 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.01.23 12:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Programme\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012.09.08 09:11:18 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.08 09:11:18 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.09.08 09:11:18 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.08 09:11:18 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.08 09:11:18 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.08 09:11:18 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.10.02 20:02:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StarteLock] C:\Acer\Empowering Technology\eLock\Service\startelock.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinColor.exe.lnk = C:\Programme\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColor.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\FRITZ!DSL\\sarah.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1344194921015 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\x-mem1 {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\WINDOWS\system32\wowctl2.dll (EzTools Software)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\ACERTX.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\ACERTX.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.07 18:20:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\OTL.exe
[2012.10.07 18:11:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\USERNAME\Startmenü\Programme\CyberLink PowerDVD
[2012.10.07 09:36:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\BootLog XP
[2012.10.07 09:36:53 | 000,000,000 | ---D | C] -- C:\Programme\BootLog XP
[2012.10.07 09:36:21 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.10.05 19:44:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.10.05 19:44:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.10.05 19:44:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.10.05 19:44:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.10.05 19:44:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.10.05 19:42:29 | 004,762,471 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\ComboFix.exe
[2012.10.04 22:16:44 | 000,116,736 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012.10.04 22:16:40 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012.10.04 22:16:22 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012.10.04 22:16:17 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012.10.04 22:14:48 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012.10.04 22:14:44 | 000,035,402 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012.10.04 22:14:28 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012.10.04 22:14:01 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012.10.04 22:13:42 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012.10.04 22:13:38 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012.10.04 22:13:34 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012.10.04 22:13:26 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012.10.04 22:13:20 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012.10.04 22:13:15 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012.10.04 22:13:11 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012.10.04 22:12:52 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012.10.04 22:12:34 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012.10.04 22:12:30 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012.10.04 22:12:26 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012.10.04 22:12:16 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012.10.04 22:11:51 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012.10.04 22:11:36 | 000,212,480 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012.10.04 22:11:32 | 000,216,576 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012.10.04 22:11:17 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012.10.04 22:11:13 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012.10.04 22:11:09 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012.10.04 22:11:06 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012.10.04 22:11:02 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012.10.04 22:10:58 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012.10.04 22:10:17 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012.10.04 22:10:10 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012.10.04 22:10:04 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012.10.04 22:10:03 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012.10.04 22:09:57 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012.10.04 22:09:52 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012.10.04 22:09:33 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012.10.04 22:09:29 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012.10.04 22:08:52 | 000,159,744 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012.10.04 22:08:48 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012.10.04 22:08:45 | 000,287,232 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012.10.04 22:08:39 | 000,017,152 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012.10.04 22:08:30 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012.10.04 22:07:19 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012.10.04 22:07:12 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012.10.04 22:07:07 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012.10.04 22:07:02 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012.10.04 22:06:58 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012.10.04 22:06:27 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012.10.04 22:06:23 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012.10.04 22:06:20 | 000,095,178 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012.10.04 22:06:12 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012.10.04 22:05:17 | 000,161,888 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012.10.04 22:05:14 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012.10.04 22:05:10 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012.10.04 22:05:07 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012.10.04 22:04:35 | 000,017,792 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012.10.04 22:04:27 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012.10.04 22:04:23 | 000,024,192 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012.10.04 22:04:03 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012.10.04 22:03:59 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012.10.04 22:03:56 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012.10.04 22:03:53 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012.10.04 22:03:50 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012.10.04 22:03:47 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012.10.04 22:03:43 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012.10.04 22:03:40 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012.10.04 22:03:37 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012.10.04 22:03:29 | 000,083,968 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012.10.04 22:03:25 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012.10.04 22:03:23 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012.10.04 22:03:22 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012.10.04 22:03:04 | 000,010,752 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012.10.04 22:02:51 | 000,079,360 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012.10.04 22:02:46 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012.10.04 22:02:21 | 000,715,242 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012.10.04 22:02:18 | 000,899,658 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012.10.04 22:01:42 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012.10.04 22:01:38 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012.10.04 22:01:35 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012.10.04 22:01:20 | 000,016,384 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012.10.04 22:00:17 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012.10.04 22:00:04 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012.10.04 21:59:58 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012.10.04 21:59:55 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012.10.04 21:59:13 | 000,054,730 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012.10.04 21:59:06 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012.10.04 21:59:02 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012.10.04 21:58:21 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012.10.04 21:58:04 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012.10.04 21:58:00 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012.10.04 21:57:46 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012.10.04 21:57:30 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012.10.04 21:57:27 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012.10.04 21:57:17 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012.10.04 21:57:14 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012.10.04 21:57:10 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012.10.04 21:57:07 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012.10.04 21:57:04 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012.10.04 21:57:01 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012.10.04 21:56:51 | 000,076,288 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012.10.04 21:56:48 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012.10.04 21:56:45 | 000,019,968 | ---- | C] (Macronix International Co., Ltd.                                               ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012.10.04 21:56:42 | 000,020,480 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012.10.04 21:56:39 | 000,022,144 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012.10.04 21:54:00 | 000,164,970 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012.10.04 21:53:33 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012.10.04 21:53:30 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012.10.04 21:53:29 | 000,422,016 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012.10.04 21:53:26 | 000,577,226 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012.10.04 21:53:25 | 000,607,196 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012.10.04 21:53:22 | 000,728,298 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012.10.04 21:53:11 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012.10.04 21:53:08 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012.10.04 21:53:05 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012.10.04 21:53:02 | 000,016,256 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012.10.04 21:52:57 | 000,026,506 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012.10.04 21:52:54 | 000,019,016 | ---- | C] (Kingston Technology Company                                                             ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012.10.04 21:52:22 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012.10.04 21:51:26 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012.10.04 21:48:58 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012.10.04 21:48:48 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012.10.04 21:48:16 | 000,028,672 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012.10.04 21:48:14 | 000,082,560 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012.10.04 21:48:11 | 000,017,792 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012.10.04 21:47:47 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012.10.04 21:47:36 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012.10.04 21:47:34 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012.10.04 21:47:27 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012.10.04 21:47:25 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012.10.04 21:47:22 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012.10.04 21:47:20 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012.10.04 21:47:03 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012.10.04 21:46:59 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012.10.04 21:46:57 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012.10.04 21:45:01 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012.10.04 21:44:53 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012.10.04 21:44:38 | 000,029,696 | ---- | C] (CNet Technology, Inc.                                                    ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012.10.04 21:44:36 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012.10.04 21:44:34 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012.10.04 21:44:29 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012.10.04 21:44:27 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012.10.04 21:44:25 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012.10.04 21:44:20 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012.10.04 21:43:53 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012.10.04 21:43:51 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012.10.04 21:43:46 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012.10.04 21:43:12 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012.10.04 21:43:11 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012.10.04 21:43:09 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012.10.04 21:43:08 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012.10.04 21:43:07 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012.10.04 21:43:05 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012.10.04 21:43:04 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012.10.04 21:43:02 | 000,252,928 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012.10.04 21:42:50 | 000,216,576 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012.10.04 21:42:26 | 000,020,864 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012.10.04 21:42:13 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012.10.04 21:42:00 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012.10.04 21:41:59 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012.10.04 21:41:58 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012.10.04 21:41:57 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012.10.04 21:41:56 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012.10.04 21:41:51 | 000,715,210 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012.10.04 21:41:50 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012.10.04 21:41:49 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012.10.04 21:41:48 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012.10.04 21:41:45 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012.10.04 21:41:44 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012.10.04 21:40:54 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012.10.04 21:40:53 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012.10.04 21:40:52 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012.10.04 21:40:51 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012.10.04 21:40:50 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012.10.04 21:40:50 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012.10.04 21:40:49 | 000,039,808 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012.10.04 21:40:48 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012.10.04 21:40:45 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012.10.04 21:40:44 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012.10.04 21:40:43 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012.10.04 21:40:42 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012.10.04 21:40:41 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012.10.04 21:40:40 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012.10.04 21:40:39 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012.10.04 21:40:39 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012.10.04 21:40:38 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012.10.04 21:40:37 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012.10.04 21:40:31 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012.10.04 21:40:24 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012.10.04 21:40:23 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012.10.04 21:40:22 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012.10.04 21:40:21 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012.10.04 21:40:20 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012.10.04 21:40:19 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012.10.04 21:40:18 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012.10.04 21:39:37 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012.10.04 21:39:28 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012.10.04 21:39:14 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012.10.04 21:39:10 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012.10.04 21:39:06 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012.10.04 21:39:05 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012.10.04 21:39:04 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012.10.04 21:39:00 | 000,061,952 | ---- | C] (Farb-Flachbett-Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012.10.04 21:38:57 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012.10.04 21:38:56 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012.10.04 21:38:54 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012.10.04 21:38:53 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012.10.04 21:38:52 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012.10.03 21:34:45 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\TFC.exe
[2012.10.03 21:31:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012.10.03 21:31:12 | 000,355,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.10.03 21:31:12 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.10.03 21:31:07 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.10.03 21:31:06 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.10.03 21:31:05 | 000,729,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.10.03 21:31:04 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.10.03 21:31:04 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.10.03 21:31:03 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.10.03 21:29:37 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.10.03 21:29:34 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.10.03 21:27:42 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.10.03 21:27:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.10.02 22:35:35 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.10.02 19:44:46 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.10.02 19:07:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.09.29 16:40:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\USERNAME\Desktop\Defogger
[2012.09.29 15:29:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Malwarebytes
[2012.09.29 15:28:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.09.29 15:28:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.09.29 15:28:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.09.29 15:28:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.09.09 17:04:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Anwendungsdaten\Sun
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.07 18:20:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\OTL.exe
[2012.10.07 18:09:09 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.10.07 18:08:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.07 18:08:13 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.07 18:06:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.07 18:06:10 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.07 09:57:04 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.07 09:50:53 | 262,406,144 | ---- | M] () -- C:\LogFile.Etl
[2012.10.05 19:43:03 | 004,762,471 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\ComboFix.exe
[2012.10.04 20:59:17 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.10.03 21:34:54 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\TFC.exe
[2012.10.03 21:31:13 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.10.03 21:31:05 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.10.03 20:36:49 | 000,341,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.10.02 20:02:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.09.30 15:29:20 | 000,007,254 | RHS- | M] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2012.09.30 12:13:57 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\USERNAME\Desktop\Microsoft Word 2003.lnk
[2012.09.13 23:07:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
 
========== Files Created - No Company Name ==========
 
[2012.10.07 09:41:04 | 262,406,144 | ---- | C] () -- C:\LogFile.Etl
[2012.10.05 19:44:47 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.10.05 19:44:47 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.10.05 19:44:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.10.05 19:44:47 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.10.05 19:44:47 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.10.04 22:16:39 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012.10.04 22:16:35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012.10.04 22:02:42 | 000,086,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012.10.04 22:01:29 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012.10.04 22:01:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012.10.04 21:59:10 | 000,044,105 | ---- | C] () -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012.10.04 21:55:05 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012.10.04 21:48:56 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012.10.04 21:48:51 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012.10.04 21:48:46 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012.10.04 21:48:41 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012.10.04 21:48:36 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012.10.04 21:44:33 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012.10.04 21:44:31 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012.10.04 21:44:30 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012.10.04 21:44:26 | 000,031,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012.10.04 21:40:05 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012.10.04 21:40:05 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012.10.04 21:40:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012.10.04 21:40:03 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012.10.04 21:40:02 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012.10.04 21:40:01 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012.10.04 21:40:01 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012.10.04 21:40:00 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012.10.04 21:39:57 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012.10.04 21:39:49 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012.10.04 20:59:24 | 000,001,177 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinColor.exe.lnk
[2012.10.03 21:31:13 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.10.03 21:31:05 | 000,000,314 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.10.02 19:45:12 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.10.02 19:45:05 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2012.09.29 19:40:49 | 2137,444,352 | -HS- | C] () -- C:\hiberfil.sys
[2012.05.20 01:22:20 | 000,000,030 | ---- | C] () -- C:\Programme\Exiferupdate.ini
[2012.05.07 20:04:20 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2012.05.07 20:00:31 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\TAKDSDecoder.dll
[2012.05.07 17:13:49 | 008,913,920 | ---- | C] () -- C:\WINDOWS\System32\mp22.dll
[2012.04.21 13:06:04 | 000,007,254 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2012.04.19 22:20:02 | 000,000,182 | ---- | C] () -- C:\WINDOWS\venple.ini
[2012.03.10 13:39:25 | 000,000,031 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.02.16 08:16:16 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.12 23:40:10 | 000,482,408 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2012.02.12 23:38:06 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ssp3ml3.dll
[2012.02.06 21:54:46 | 000,000,040 | ---- | C] () -- C:\WINDOWS\BO5150D.INI
[2012.02.06 21:53:12 | 000,000,142 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2012.02.06 21:53:12 | 000,000,040 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2012.02.06 21:53:12 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2012.02.06 21:53:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bw5150d.ini
[2012.02.06 21:53:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2012.02.06 21:53:11 | 000,000,052 | ---- | C] () -- C:\WINDOWS\brpp2ka.ini
[2012.02.06 21:52:59 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2012.02.06 21:52:59 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2012.02.06 21:52:58 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2012.02.06 21:52:56 | 000,015,108 | ---- | C] () -- C:\WINDOWS\HL-5150D.INI
[2012.02.06 21:52:47 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\BRSS01A.ini
[2012.02.06 21:47:54 | 000,000,060 | R--- | C] () -- C:\Programme\BRINST.INI
[2012.01.29 23:51:38 | 000,013,816 | ---- | C] () -- C:\WINDOWS\System32\unikey.sys
[2011.11.25 23:00:41 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.11.25 23:00:41 | 000,000,058 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Anwendungsdaten\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.10.31 22:52:41 | 000,000,127 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\qtdsyncmonitor.xml
[2011.10.31 22:10:59 | 000,000,394 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\qtdsync.xml
[2011.08.13 19:05:28 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011.08.13 19:05:28 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2030.DAT
[2011.08.08 00:00:17 | 000,000,043 | ---- | C] () -- C:\WINDOWS\GSWIN32.INI
[2011.07.21 22:58:53 | 000,000,001 | R--- | C] () -- C:\Dokumente und Einstellungen\USERNAME\serverport
[2011.04.18 16:39:56 | 000,226,364 | R--- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DeviceManager.xml.rc4
[2009.03.20 23:42:14 | 000,003,899 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html-tasks
[2009.03.20 23:42:14 | 000,003,800 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html-resources
[2009.03.20 23:42:14 | 000,003,713 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html
[2009.03.20 23:42:14 | 000,003,163 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html-chart
[2009.03.20 23:42:14 | 000,002,438 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html.png
[2009.03.20 23:42:14 | 000,002,414 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html.res.png
[2009.03.20 23:41:14 | 000,003,404 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.ganttproject
[2009.03.20 22:27:03 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.recently-used
[2008.12.28 14:37:53 | 000,078,336 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.20 00:14:01 | 000,000,142 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2008.03.22 21:34:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.10.03 21:27:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.03.16 16:04:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2009.04.02 22:25:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2009.02.08 11:59:42 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2010.01.16 17:58:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\explauncher
[2010.01.08 22:13:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2009.12.22 19:58:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ISDNWatch
[2008.12.04 22:36:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2010.01.08 22:14:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2012.03.07 12:46:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ntrip0
[2010.06.22 19:07:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panasonic
[2010.01.16 20:10:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Paragon
[2010.01.08 22:06:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2008.11.20 23:24:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\photools.com
[2009.02.08 12:19:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2012.01.29 22:59:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vodafone
[2011.07.20 16:21:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.05.26 20:41:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.10.07 18:49:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011.07.01 23:03:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Amazon
[2012.01.19 23:48:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Assimil_d_ru
[2009.04.02 22:25:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Buhl Data Service
[2010.01.29 22:31:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Canon
[2011.11.25 23:00:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\DonationCoder
[2012.05.07 19:20:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\DVDVideoSoft
[2008.12.22 17:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\ePaperPress
[2009.10.21 20:49:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\FileZilla
[2012.02.25 11:09:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Foxit Software
[2010.03.07 18:04:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\FRITZ!
[2009.12.22 19:58:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\FRITZ!fax für FRITZ!Box
[2012.01.15 23:18:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\KeePass
[2010.01.08 22:14:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Nokia
[2008.11.21 00:52:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\OfficeUpdate12
[2009.01.21 22:02:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Opera
[2010.01.09 19:18:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\PC Suite
[2010.10.19 21:40:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Philipp Winterberg
[2008.11.20 23:27:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\photools.com
[2010.02.07 21:49:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Process Hacker
[2009.02.08 12:19:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\ScanSoft
[2011.08.20 17:31:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\TeamViewer
[2010.01.09 12:44:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Thunderbird
[2012.01.16 00:00:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\TrueCrypt
[2012.04.19 22:21:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Vensim
[2012.01.29 22:57:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Vodafone
[2012.02.06 00:41:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Vodafone Mobile Broadband
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

Here is the Extras.log
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 07.10.2012 18:22:16 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\USERNAME\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 65,00% Memory free
3,84 Gb Paging File | 3,18 Gb Available in Paging File | 82,79% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 69,65 Gb Total Space | 9,84 Gb Free Space | 14,14% Space Free | Partition Type: NTFS
Drive D: | 69,64 Gb Total Space | 9,40 Gb Free Space | 13,51% Space Free | Partition Type: NTFS
 
Computer Name: USERNAME_PC | User Name: USERNAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Programme\Canon\Digital Photo Professional\DPP\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Scrabblev2_0\Scrabble v2.0.exe" = C:\Programme\Scrabblev2_0\Scrabble v2.0.exe:*:Disabled:Scrabble v2.0 -- ()
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\FRITZ!\FriFax32.exe" = C:\Programme\FRITZ!\FriFax32.exe:*:Enabled:FRITZ!fax -- (AVM Berlin)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process  -- (Nokia Corporation)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:AVM FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!DSL - fboxupd.exe -- (AVM Berlin)
"C:\Programme\FRITZ!DSL\WebwaIgd.exe" = C:\Programme\FRITZ!DSL\WebwaIgd.exe:*:Enabled:AVM FRITZ!DSL - webwaigd.exe -- (AVM Berlin)
"C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Apps\2.0\GLXC4G2V.YVY\67Q04YGR.6LT\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Apps\2.0\GLXC4G2V.YVY\67Q04YGR.6LT\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)
"C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programme\Synology\Assistant\DSAssistant.exe" = C:\Programme\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant -- ()
"C:\Programme\Synology Data Replicator  3\Backup.exe" = C:\Programme\Synology Data Replicator  3\Backup.exe:*:Enabled:Data Replicator -- (Synology Inc.)
"C:\Programme\devolo\dlan\devolonetsvc.exe" = C:\Programme\devolo\dlan\devolonetsvc.exe:*:Enabled:devolo dLAN Cockpit -- (devolo AG)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}" = WISO Sparbuch 2009
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{0443A856-B498-4FF9-8C15-4B7057242783}" = HD Writer 2.6E for HDC
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX700_series" = Canon MX700 series
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2899C5-8938-4232-98CC-7A075ECB3172}" = t@x 2010 Standard
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}" = Paragon Backup & Recovery™ 10 Kompakt
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AAD21AD-EE06-46C9-8B57-28D53DF9FB06}_is1" = NTRIP
"{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management
"{4BA6C917-E51C-4C49-9CD6-381A0A441CFD}" = PTLens
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}" = AVM FRITZ!DSL
"{74BE7519-41A7-45A8-8AA6-78C7907A4808}" = EOS Capture 1.2
"{750CF8D7-4B04-404F-AFA2-14C129C42373}" = EOS Viewer Utility 1.2.1
"{75171746-D5CA-4831-948C-B7EAC696E63D}" = IMatch 3.6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator  3
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A99A1AE2-5EAB-4742-91DB-72A8B2F9529C}" = HardlinkBackup
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-1033-F400-BA7E-100000000002}" = Adobe Acrobat 7.0 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE378F36-E404-4244-A33F-F50A2A6D31BD}" = Microsoft Color Control Panel Applet for Windows XP
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}" = Canon Camera WIA Driver
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FE3D551C-0B6F-4BAA-B4C1-2F0646E52886}}_is1" = Assimil Russisch ohne Mühe heute
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem  (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.62
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.4)
"Adobe Acrobat 7.0 Standard - EFG - V" = Adobe Acrobat 7.1.3 Standard - English, Français, Deutsch
"Adobe Acrobat 7.0 Standard - EFG - V_713" = Adobe Acrobat 7.1.3 - CPSID_49168
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AktienProfi_is1" = AktienProfi 3.20.2
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"avast" = avast! Free Antivirus
"BootLog XP_is1" = BootLog XP
"Bridge Construction Set_is1" = Bridge Construction Set 1.37
"Brother HL-5150D" = Brother HL-5150D
"CamStudio" = CamStudio
"Canon MX700 series Benutzerregistrierung" = Canon MX700 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"CobBackup10" = Cobian Backup 10
"Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit
"DPP" = Canon Utilities Digital Photo Professional 3.9
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Exifer_is1" = Exifer
"ExposurePlot_is1" = ExposurePlot 1.14
"GML Undistorter_is1" = GML Undistorter 1.05
"GPS-Track-Analyse.NET 6.0_is1" = GPS-Track-Analyse.NET 6.0
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.2.5097
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallShield_{74BE7519-41A7-45A8-8AA6-78C7907A4808}" = Canon Utilities EOS Capture 1.2
"InstallShield_{750CF8D7-4B04-404F-AFA2-14C129C42373}" = Canon Utilities EOS Viewer Utility 1.2
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}" = Canon EOS 20D WIA-Treiber
"IrfanView" = IrfanView (remove only)
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.18
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"Mozilla Thunderbird 15.0.1 (x86 de)" = Mozilla Thunderbird 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Neat Image_is1" = Neat Image v5.0 Home
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"OpenAL" = OpenAL
"Opera 12.02.1578" = Opera 12.02
"Pontifex" = Pontifex
"Process_Hacker_is1" = Process Hacker 1.8
"RarZilla Free Unrar" = RarZilla Free Unrar
"Recuva" = Recuva
"Samsung ML-2855 Series" = Samsung ML-2855 Series
"Scrabble v2.0" = Scrabble v2.0
"SpeedFan" = SpeedFan (remove only)
"Spyder2express" = Spyder2express
"Synology Assistant" = Synology Assistant (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"TrueCrypt" = TrueCrypt
"VLC media player" = VLC media player 2.0.2
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"YDKJG2" = YOU DON'T KNOW JACK® 2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
"STANLY Track" = STANLY Track
"STANLY Track EDDM" = STANLY Track EDDM
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 04.10.2012 15:18:21 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
 
Error - 04.10.2012 15:18:22 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
 
Error - 05.10.2012 10:10:55 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
 
Error - 05.10.2012 10:10:57 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
 
Error - 06.10.2012 05:23:31 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
 
Error - 06.10.2012 05:23:34 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
 
Error - 07.10.2012 03:43:37 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
 
Error - 07.10.2012 03:43:47 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
 
Error - 07.10.2012 12:08:05 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
 
Error - 07.10.2012 12:08:08 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
 
[ System Events ]
Error - 07.10.2012 03:44:24 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IMAPI-CD-Brenn-COM-Dienste" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 07.10.2012 03:47:58 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst eLock
 Service.
 
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Treiber für parallelen Anschluss" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1058
 
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7002
Description = Der Dienst "BrPar" ist von der Gruppe "Parallel arbitrator" abhängig.
 Kein Mitglied dieser Gruppe wurde jedoch gestartet.
 
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Cyberlink
 RichVideo Service(CRVS).
 
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst eLock
 Service.
 
Error - 07.10.2012 12:12:13 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst eLock
 Service.
 
 
< End of report >
         
--- --- ---


I made a recording with BootLog XP.
According to it, the boot process from the desktop onward takes just under 11 min.

The following process takes a really long time, but there are several more that take over 5 min.:
Code:
Path: C:\WINDOWS\system32\svchost.exe
Start: 115,457 sec Duration: 401,524 sec
ID: 1468  07.10.2012  09:41:34.175
DLL's:
C:\WINDOWS\system32\svchost.exe Start: 115,457 sec
C:\WINDOWS\system32\ntdll.dll Start: 115,457 sec
C:\WINDOWS\system32\kernel32.dll Start: 115,458 sec
C:\WINDOWS\system32\advapi32.dll Start: 115,463 sec
C:\WINDOWS\system32\rpcrt4.dll Start: 115,463 sec
C:\WINDOWS\system32\secur32.dll Start: 115,463 sec
C:\WINDOWS\system32\shimeng.dll Start: 115,463 sec
C:\WINDOWS\AppPatch\acgenral.dll Start: 115,464 sec
C:\WINDOWS\system32\user32.dll Start: 115,464 sec
C:\WINDOWS\system32\gdi32.dll Start: 115,464 sec
C:\WINDOWS\system32\winmm.dll Start: 115,464 sec
C:\WINDOWS\system32\ole32.dll Start: 115,464 sec
C:\WINDOWS\system32\msvcrt.dll Start: 115,466 sec
C:\WINDOWS\system32\oleaut32.dll Start: 115,466 sec
C:\WINDOWS\system32\msacm32.dll Start: 115,466 sec
C:\WINDOWS\system32\version.dll Start: 115,466 sec
C:\WINDOWS\system32\shell32.dll Start: 115,466 sec
C:\WINDOWS\system32\shlwapi.dll Start: 115,467 sec
C:\WINDOWS\system32\userenv.dll Start: 115,467 sec
C:\WINDOWS\system32\uxtheme.dll Start: 115,467 sec
C:\WINDOWS\system32\imm32.dll Start: 115,474 sec
C:\WINDOWS\system32\lpk.dll Start: 115,474 sec
C:\WINDOWS\system32\usp10.dll Start: 115,475 sec
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll Start: 115,492 sec
C:\WINDOWS\system32\comctl32.dll Start: 115,504 sec
C:\WINDOWS\system32\ntmarta.dll Start: 115,508 sec
C:\WINDOWS\system32\samlib.dll Start: 115,508 sec
C:\WINDOWS\system32\wldap32.dll Start: 115,508 sec
C:\WINDOWS\system32\xpsp2res.dll Start: 115,512 sec
C:\WINDOWS\system32\shsvcs.dll Start: 115,515 sec
C:\WINDOWS\system32\winsta.dll Start: 115,521 sec
C:\WINDOWS\system32\netapi32.dll Start: 115,522 sec
C:\WINDOWS\system32\rsaenh.dll Start: 116,252 sec
C:\WINDOWS\system32\dhcpcsvc.dll Start: 117,468 sec
C:\WINDOWS\system32\dnsapi.dll Start: 117,47 sec
C:\WINDOWS\system32\ws2_32.dll Start: 117,47 sec
C:\WINDOWS\system32\ws2help.dll Start: 117,471 sec
C:\WINDOWS\system32\iphlpapi.dll Start: 117,471 sec
C:\WINDOWS\system32\msapsspc.dll Start: 117,843 sec
C:\WINDOWS\system32\msvcrt40.dll Start: 117,844 sec
C:\WINDOWS\system32\schannel.dll Start: 117,848 sec
C:\WINDOWS\system32\crypt32.dll Start: 117,851 sec
C:\WINDOWS\system32\msasn1.dll Start: 117,851 sec
C:\WINDOWS\system32\digest.dll Start: 117,883 sec
C:\WINDOWS\system32\msnsspc.dll Start: 117,884 sec
C:\WINDOWS\system32\msvcrt40.dll Start: 117,885 sec
C:\Programme\FRITZ!DSL\SARAH.DLL Start: 117,887 sec
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll Start: 117,898 sec
C:\Programme\FRITZ!DSL\BLOCK.DLL Start: 117,901 sec
C:\WINDOWS\system32\mswsock.dll Start: 117,925 sec
C:\WINDOWS\system32\hnetcfg.dll Start: 117,925 sec
C:\WINDOWS\system32\wshtcpip.dll Start: 117,929 sec
C:\WINDOWS\system32\wzcsvc.dll Start: 119,151 sec
C:\WINDOWS\system32\rtutils.dll Start: 119,152 sec
C:\WINDOWS\system32\wmi.dll Start: 119,152 sec
C:\WINDOWS\system32\crypt32.dll Start: 119,152 sec
C:\WINDOWS\system32\msasn1.dll Start: 119,153 sec
C:\WINDOWS\system32\eapolqec.dll Start: 119,153 sec
C:\WINDOWS\system32\atl.dll Start: 119,153 sec
C:\WINDOWS\system32\qutil.dll Start: 119,154 sec
C:\WINDOWS\system32\msvcp60.dll Start: 119,154 sec
C:\WINDOWS\system32\dot3api.dll Start: 119,155 sec
C:\WINDOWS\system32\wtsapi32.dll Start: 119,156 sec
C:\WINDOWS\system32\esent.dll Start: 119,156 sec
C:\WINDOWS\system32\irmon.dll Start: 119,277 sec
C:\WINDOWS\system32\msv1_0.dll Start: 119,278 sec
C:\WINDOWS\system32\cryptdll.dll Start: 119,279 sec
C:\WINDOWS\system32\clbcatq.dll Start: 119,316 sec
C:\WINDOWS\system32\comres.dll Start: 119,317 sec
C:\WINDOWS\system32\rastls.dll Start: 119,328 sec
C:\WINDOWS\system32\cryptui.dll Start: 119,329 sec
C:\WINDOWS\system32\wininet.dll Start: 119,343 sec
C:\WINDOWS\system32\normaliz.dll Start: 119,344 sec
C:\WINDOWS\system32\urlmon.dll Start: 119,344 sec
C:\WINDOWS\system32\iertutil.dll Start: 119,346 sec
C:\WINDOWS\system32\wintrust.dll Start: 119,355 sec
C:\WINDOWS\system32\imagehlp.dll Start: 119,355 sec
C:\WINDOWS\system32\mprapi.dll Start: 119,364 sec
C:\WINDOWS\system32\activeds.dll Start: 119,364 sec
C:\WINDOWS\system32\adsldpc.dll Start: 119,364 sec
C:\WINDOWS\system32\setupapi.dll Start: 119,365 sec
C:\WINDOWS\system32\rasapi32.dll Start: 119,365 sec
C:\WINDOWS\system32\rasman.dll Start: 119,365 sec
C:\WINDOWS\system32\tapi32.dll Start: 119,366 sec
C:\WINDOWS\system32\schannel.dll Start: 119,366 sec
C:\WINDOWS\system32\winscard.dll Start: 119,366 sec
C:\WINDOWS\system32\psapi.dll Start: 119,368 sec
C:\WINDOWS\system32\riched20.dll Start: 119,399 sec
C:\WINDOWS\system32\raschap.dll Start: 119,42 sec
C:\WINDOWS\system32\wshirda.dll Start: 119,42 sec
C:\WINDOWS\system32\netman.dll Start: 119,539 sec
C:\WINDOWS\system32\netshell.dll Start: 119,541 sec
C:\WINDOWS\system32\credui.dll Start: 119,541 sec
C:\WINDOWS\system32\dot3dlg.dll Start: 119,541 sec
C:\WINDOWS\system32\onex.dll Start: 119,541 sec
C:\WINDOWS\system32\eappcfg.dll Start: 119,541 sec
C:\WINDOWS\system32\eappprxy.dll Start: 119,541 sec
C:\WINDOWS\system32\wzcsapi.dll Start: 119,542 sec
C:\WINDOWS\system32\mlang.dll Start: 122,774 sec
C:\WINDOWS\system32\xmlprovi.dll Start: 122,796 sec
C:\WINDOWS\system32\wzcsapi.dll Start: 122,796 sec
C:\WINDOWS\system32\schedsvc.dll Start: 123,073 sec
C:\WINDOWS\system32\ntdsapi.dll Start: 123,073 sec
C:\WINDOWS\system32\kbdgr.dll Start: 123,132 sec
C:\WINDOWS\system32\msidle.dll Start: 123,136 sec
C:\WINDOWS\system32\audiosrv.dll Start: 123,517 sec
C:\WINDOWS\system32\wkssvc.dll Start: 123,625 sec
C:\WINDOWS\system32\cryptsvc.dll Start: 130,64 sec
C:\WINDOWS\system32\certcli.dll Start: 130,64 sec
C:\WINDOWS\system32\dmserver.dll Start: 130,762 sec
C:\WINDOWS\system32\ersvc.dll Start: 130,767 sec
C:\WINDOWS\system32\es.dll Start: 130,782 sec
C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll Start: 131,042 sec
C:\WINDOWS\system32\srvsvc.dll Start: 132,67 sec
C:\WINDOWS\system32\netmsg.dll Start: 133,197 sec
C:\WINDOWS\system32\netman.dll Start: 150,765 sec
C:\WINDOWS\system32\netshell.dll Start: 150,768 sec
C:\WINDOWS\system32\credui.dll Start: 150,768 sec
C:\WINDOWS\system32\dot3dlg.dll Start: 150,769 sec
C:\WINDOWS\system32\onex.dll Start: 150,77 sec
C:\WINDOWS\system32\eappcfg.dll Start: 150,77 sec
C:\WINDOWS\system32\eappprxy.dll Start: 150,771 sec
C:\WINDOWS\system32\seclogon.dll Start: 155,438 sec
C:\WINDOWS\system32\srsvc.dll Start: 157,925 sec
C:\WINDOWS\system32\powrprof.dll Start: 159,097 sec
C:\WINDOWS\system32\sens.dll Start: 159,337 sec
C:\WINDOWS\system32\trkwks.dll Start: 161,63 sec
C:\WINDOWS\system32\tapisrv.dll Start: 162,482 sec
C:\WINDOWS\system32\w32time.dll Start: 163,836 sec
C:\WINDOWS\system32\wbem\wmisvc.dll Start: 165,165 sec
C:\WINDOWS\system32\vssapi.dll Start: 166,194 sec
C:\WINDOWS\system32\wscsvc.dll Start: 170,363 sec
C:\WINDOWS\system32\msi.dll Start: 170,965 sec
C:\WINDOWS\system32\wbem\wbemcore.dll Start: 171,312 sec
C:\WINDOWS\system32\wbem\esscli.dll Start: 172,255 sec
C:\WINDOWS\system32\wbem\wbemcomn.dll Start: 173,195 sec
C:\WINDOWS\system32\wbem\fastprox.dll Start: 173,35 sec
C:\WINDOWS\system32\actxprxy.dll Start: 177,06 sec
C:\WINDOWS\system32\wuauserv.dll Start: 177,961 sec
C:\WINDOWS\system32\sxs.dll Start: 178,39 sec
C:\WINDOWS\system32\wuaueng.dll Start: 178,661 sec
C:\WINDOWS\system32\winspool.drv Start: 179,184 sec
C:\WINDOWS\system32\winhttp.dll Start: 179,389 sec
C:\WINDOWS\system32\cabinet.dll Start: 179,567 sec
C:\WINDOWS\system32\mspatcha.dll Start: 180,203 sec
C:\WINDOWS\system32\browser.dll Start: 182,879 sec
C:\WINDOWS\system32\wbem\wbemprox.dll Start: 183,452 sec
C:\WINDOWS\system32\wbem\wbemsvc.dll Start: 183,818 sec
C:\WINDOWS\system32\comsvcs.dll Start: 185,311 sec
C:\WINDOWS\system32\colbact.dll Start: 186,357 sec
C:\WINDOWS\system32\mtxclu.dll Start: 187,173 sec
C:\WINDOWS\system32\wsock32.dll Start: 187,939 sec
C:\WINDOWS\system32\clusapi.dll Start: 188,777 sec
C:\WINDOWS\system32\resutils.dll Start: 189,561 sec
C:\WINDOWS\system32\sfc.dll Start: 191,625 sec
C:\WINDOWS\system32\sfc_os.dll Start: 191,626 sec
C:\WINDOWS\system32\wbem\wmiutils.dll Start: 192,135 sec
C:\WINDOWS\system32\wups.dll Start: 193,187 sec
C:\WINDOWS\system32\wups2.dll Start: 193,765 sec
C:\WINDOWS\system32\wbem\repdrvfs.dll Start: 194,784 sec
C:\WINDOWS\system32\wbem\wmiprvsd.dll Start: 199,288 sec
C:\WINDOWS\system32\ncobjapi.dll Start: 199,788 sec
C:\WINDOWS\system32\wbem\wbemess.dll Start: 203,035 sec
C:\WINDOWS\system32\apphelp.dll Start: 205,2 sec
C:\WINDOWS\system32\ipnathlp.dll Start: 207,512 sec
C:\WINDOWS\system32\authz.dll Start: 208,215 sec
C:\WINDOWS\system32\unimdm.tsp Start: 209,434 sec
C:\WINDOWS\system32\uniplat.dll Start: 210,284 sec
C:\WINDOWS\system32\unimdmat.dll Start: 211,523 sec
C:\WINDOWS\system32\modemui.dll Start: 213,516 sec
C:\WINDOWS\system32\kmddsp.tsp Start: 214,787 sec
C:\WINDOWS\system32\ndptsp.tsp Start: 215,746 sec
C:\WINDOWS\system32\ipconf.tsp Start: 216,996 sec
C:\WINDOWS\system32\h323.tsp Start: 217,613 sec
C:\WINDOWS\system32\hidphone.tsp Start: 219,571 sec
C:\WINDOWS\system32\hid.dll Start: 220,777 sec
C:\WINDOWS\system32\wuapi.dll Start: 221,417 sec
C:\WINDOWS\system32\wups.dll Start: 223,871 sec
C:\WINDOWS\system32\upnp.dll Start: 227,303 sec
C:\WINDOWS\system32\ssdpapi.dll Start: 228,447 sec
C:\WINDOWS\system32\wbem\ncprov.dll Start: 231,05 sec
C:\WINDOWS\system32\wbem\wbemcons.dll Start: 234,26 sec
C:\WINDOWS\system32\netcfgx.dll Start: 237,035 sec
C:\WINDOWS\system32\wups2.dll Start: 238,288 sec
C:\WINDOWS\system32\rasmans.dll Start: 240,407 sec
C:\WINDOWS\system32\winipsec.dll Start: 241,407 sec
C:\WINDOWS\system32\rastapi.dll Start: 253,135 sec
C:\WINDOWS\system32\unimdm.tsp Start: 254,216 sec
C:\WINDOWS\system32\uniplat.dll Start: 254,574 sec
C:\WINDOWS\system32\unimdmat.dll Start: 254,788 sec
C:\WINDOWS\system32\modemui.dll Start: 254,799 sec
C:\WINDOWS\system32\kmddsp.tsp Start: 254,84 sec
C:\WINDOWS\system32\ndptsp.tsp Start: 254,843 sec
C:\WINDOWS\system32\ipconf.tsp Start: 254,847 sec
C:\WINDOWS\system32\h323.tsp Start: 254,85 sec
C:\WINDOWS\system32\hidphone.tsp Start: 254,852 sec
C:\WINDOWS\system32\hid.dll Start: 254,852 sec
C:\WINDOWS\system32\rasppp.dll Start: 255,087 sec
C:\WINDOWS\system32\ntlsapi.dll Start: 257,124 sec
C:\WINDOWS\system32\kerberos.dll Start: 257,991 sec
C:\WINDOWS\system32\rasqec.dll Start: 259,281 sec
C:\WINDOWS\system32\msxml3.dll Start: 286,248 sec
C:\WINDOWS\system32\rasadhlp.dll Start: 374,691 sec
C:\WINDOWS\system32\wuapi.dll Start: 374,701 sec
C:\WINDOWS\system32\mlang.dll Start: 375,873 sec
C:\WINDOWS\system32\wbem\wbemprox.dll Start: 378,68 sec
C:\WINDOWS\system32\wups.dll Start: 379,782 sec
C:\WINDOWS\system32\xmlprovi.dll Start: 381,216 sec
C:\WINDOWS\system32\mlang.dll Start: 516,933 sec
C:\WINDOWS\system32\xmlprovi.dll Start: 516,98 sec
         

Edited by TimdZ (07.10.2012 at 19:10). Reason: update

07.10.2012, 20:15   #38
schrauber
/// the machine
/// TB trainer

How do you go online?

Please unplug the LAN or switch off the Wi-Fi, and everything else that was set up network-wise. Then reboot. Faster?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

07.10.2012, 20:48   #39
TimdZ

Disconnecting from the LAN and rebooting unfortunately does not speed up the boot process either.

Strange: after almost every reboot, when I open Firefox, the system has recently started reporting that FF is not the default browser and asking whether I want to make it the default. I always answer yes. After a restart, however, it may ask again...

Also, the system always tries to search for a Wi-Fi network right at boot. That was not the case in the past; Wi-Fi was started, if at all, only manually by me.

07.10.2012, 20:50   #40
schrauber
/// the machine
/// TB trainer

Disable the Wi-Fi driver. Control Panel > My Network Places

Is the Wi-Fi built in or via a stick?

07.10.2012, 21:14   #41
TimdZ

I'll disable the Wi-Fi (built in).

Another side finding: I just copied a 626 MB file from the desktop to partition D:\ (physically the same hard disk). That took 10 min. Copying from D:\ over LAN to a network drive was faster...

I'll report again tomorrow (regarding the Wi-Fi deactivation).
You know: a restart takes 15-20 min.

08.10.2012, 06:18   #42
schrauber
/// the machine
/// TB trainer

All right.

08.10.2012, 19:19   #43
TimdZ

Hello schrauber,

unfortunately that didn't help either.
I started the computer from standby (by now I shy away from the 20-minute procedure) and that alone took about 8 min.

Do you think it has something to do with the error messages shown in the OTL Extras.Log?

Do you think there is still hope for the system without reinstalling it?

Best regards
Tim

08.10.2012, 19:27   #44
schrauber
/// the machine
/// TB trainer

Those are quite a few database errors. Do you use SQL for anything?

08.10.2012, 19:53   #45
TimdZ

I'm not aware of using SQL.
I do have an image management program installed (iMatch), but I don't know exactly whether it is based on SQL. Otherwise I wouldn't know what I would use SQL for...
