|
Plagegeister aller Art und deren Bekämpfung: Wieder CahtZumWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
10.10.2012, 22:13 | #1 |
| Wieder CahtZum Hallo, ich habe mich heute hier angemeldet, da ich ebenfalls seit ein paar Tagen Probleme damit habe. Aus anderen Beiträgen hab ich schon mitbekommen, daß das von Softonic kommt, wobei ich da schon seit Monaten nichts mehr gemacht habe. Und ja, ich werde da schön die Finger davon lassen. Wie soll ich nun vorgehen? Noch etwas, ich bin da absolut doof, wenn es um sochle Dinge geht, hab da keine Ahnung, hoffe, ihr könnt mir trotzdem helfen. Tina |
11.10.2012, 14:08 | #2 |
/// TB-Ausbilder | Wieder CahtZumMein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Schritt 1 Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop (falls noch nicht vorhanden).
Code:
ATTFilter activex netsvcs msconfig drivers32 safebootminimal safebootnetwork CREATERESTOREPOINT
Schritt 2 Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop.
Klicke den Re-enable Button nicht ohne Anweisung. Schritt 3 Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit. Schritt 4 Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
11.10.2012, 17:42 | #3 |
| Wieder CahtZum Hallo Matthias,
__________________vielen Dank für Deine nette Antwort und die Unterstützung. Ich hoffe wirklich, daß ich es schaffe. Ich warte aber noch etwas, will bei ebay noch was steigern und habe Bedenken, daß ich es dann verpasse, bzw. die Ersteigerung nicht klappt. Tina |
11.10.2012, 18:39 | #4 |
/// TB-Ausbilder | Wieder CahtZum Servus, dann warte ich auf deine Antwort mit den Logdateien, um die ich gebeten habe. |
11.10.2012, 22:12 | #5 |
| Wieder CahtZum Hier OTL:OTL Logfile: Code:
ATTFilter OTL logfile created on: 11.10.2012 22:57:36 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Bereinigung Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 65,10% Memory free 6,84 Gb Paging File | 5,47 Gb Available in Paging File | 80,02% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 465,76 Gb Total Space | 287,81 Gb Free Space | 61,79% Space Free | Partition Type: NTFS Drive D: | 596,16 Gb Total Space | 399,23 Gb Free Space | 66,97% Space Free | Partition Type: NTFS Computer Name: MOTIONSIGN | User Name: Hartmann | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.11 22:51:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Bereinigung\OTL.exe PRC - [2012.09.08 01:53:07 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2012.09.04 04:38:13 | 000,947,808 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe PRC - [2012.09.04 04:37:54 | 000,722,528 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe PRC - [2012.05.29 08:32:03 | 001,823,184 | ---- | M] (iMesh, Inc) -- C:\Programme\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe PRC - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe PRC - [2012.01.18 18:36:46 | 001,452,680 | ---- | M] (SPAMfighter ApS) -- C:\Programme\Fighters\Tray\FightersTray.exe PRC - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe PRC - [2010.10.10 19:15:46 | 001,265,664 | ---- | M] (www.bid-o-matic.org) -- C:\Programme\Biet-O-Matic\Biet-O-Matic.exe PRC - [2010.03.03 19:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProTray.exe PRC - [2010.03.03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProSvc.exe PRC - [2010.02.11 02:34:14 | 001,964,528 | ---- | M] (Symantec) -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2001.09.21 14:50:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe PRC - [2001.07.09 15:38:10 | 000,356,352 | ---- | M] (Common Group) -- C:\WINDOWS\twain_32\A12U16KD\WATCH.exe ========== Modules (No Company Name) ========== MOD - [2012.10.09 17:39:51 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll MOD - [2012.09.08 01:53:06 | 002,244,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2012.09.04 04:38:13 | 000,947,808 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe MOD - [2012.09.04 04:37:58 | 000,564,832 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll MOD - [2012.09.04 04:37:55 | 000,132,704 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll MOD - [2012.09.04 04:37:54 | 000,722,528 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU MOD - [2012.06.14 08:54:23 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll MOD - [2012.06.14 08:50:09 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll MOD - [2012.06.14 08:49:13 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012.06.14 08:49:02 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012.05.12 18:22:05 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012.05.12 18:21:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe MOD - [2011.04.25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll MOD - [2011.04.25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll MOD - [2011.04.25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll MOD - [2011.04.25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll MOD - [2011.04.25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll MOD - [2011.04.25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll MOD - [2011.04.20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll MOD - [2010.04.24 23:30:41 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll MOD - [2010.02.11 02:34:38 | 001,727,472 | ---- | M] () -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapProviderXP.dll MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll MOD - [2004.09.14 19:44:12 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxbxPP5C.DLL MOD - [2002.10.30 09:58:36 | 000,143,360 | ---- | M] () -- C:\WINDOWS\twain_32\A12U16KD\A2dSpi.dll MOD - [2001.12.06 20:55:18 | 000,135,168 | ---- | M] () -- C:\WINDOWS\system32\A2dusd.dll MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll MOD - [2001.09.21 14:50:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - File not found [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2012.10.09 17:39:52 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.08 01:53:07 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.09.04 04:37:54 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer) SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP) SRV - [2010.03.03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost) SRV - [2010.02.12 07:09:06 | 001,574,408 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service) SRV - [2010.02.11 02:34:14 | 001,964,528 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService) SRV - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate) SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005.01.07 00:41:22 | 000,462,848 | ---- | M] (Lexmark International, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxbxcoms.exe -- (lxbx_device) SRV - [2004.10.22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install) DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\FTD2XX.sys -- (FTD2XX) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avfsfilter.sys -- (AVFSFilter) DRV - [2012.09.04 04:37:56 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012.07.08 22:52:59 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2012.07.08 22:52:59 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2012.03.01 14:51:11 | 000,565,552 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2012.01.18 15:55:56 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio) DRV - [2012.01.18 15:55:54 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio) DRV - [2011.08.10 16:39:48 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc3d.sys -- (dc3d) DRV - [2011.06.28 13:15:20 | 006,363,752 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2011.03.22 09:58:42 | 000,065,136 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c) DRV - [2011.03.10 19:34:46 | 000,034,608 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2011.03.04 14:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2011.03.04 14:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1) DRV - [2010.03.03 19:59:22 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr) DRV - [2010.02.12 07:10:12 | 000,057,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GenericMount.sys -- (GenericMount) DRV - [2010.02.11 02:34:46 | 000,138,592 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\symsnap.sys -- (symsnap) DRV - [2009.11.18 01:17:00 | 001,395,800 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009.11.18 01:16:00 | 001,691,480 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009.11.02 21:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009.09.21 20:40:14 | 000,015,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor) DRV - [2009.09.17 15:12:32 | 000,093,920 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SleeN17.sys -- (SLEE_17_DRIVER) DRV - [2009.01.04 15:25:08 | 000,017,408 | ---- | M] (PassMark Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PMUSB.sys -- (PMUSB2G) DRV - [2008.12.02 00:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008.11.25 02:35:54 | 000,211,496 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2008.11.25 02:35:54 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter) DRV - [2008.11.25 02:35:54 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiRemFil.sys -- (SiRemFil) DRV - [2008.07.10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102) DRV - [2008.05.16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) DRV - [2008.05.16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) DRV - [2008.05.16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008.05.16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008.05.16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) DRV - [2008.05.16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008.05.16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) DRV - [2008.02.13 13:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207) DRV - [2008.01.14 17:29:17 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k) DRV - [2007.12.06 10:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2006.09.02 17:09:52 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt) DRV - [2006.09.02 16:36:20 | 000,004,608 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd) DRV - [2006.09.02 15:49:55 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2006.07.24 04:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k) DRV - [2006.07.24 04:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp) DRV - [2005.05.17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2005.05.16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI) DRV - [2005.01.10 11:45:56 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K) DRV - [2004.12.07 10:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus) DRV - [2004.12.01 14:40:08 | 002,300,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2004.11.24 11:42:48 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2004.11.24 11:42:46 | 000,033,408 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004.10.21 05:39:44 | 000,035,840 | R--- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004.07.14 12:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2004.04.26 08:10:00 | 000,038,081 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK) DRV - [2004.04.26 08:09:52 | 000,054,657 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou) DRV - [2004.04.26 08:09:42 | 000,071,405 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2004.04.26 08:09:24 | 000,024,605 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe) DRV - [2003.05.14 14:42:56 | 000,021,216 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2003.05.14 14:42:50 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2003.05.14 14:42:48 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2003.05.14 14:42:44 | 000,044,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2003.03.25 10:55:04 | 000,027,136 | R--- | M] (Mobile Action Tech. Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma-620.sys -- (MA-620) DRV - [2002.10.21 11:37:16 | 000,515,803 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca533av.sys -- (Ca533av) DRV - [2002.07.25 11:19:48 | 000,010,986 | ---- | M] (USB BULK) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk533.sys -- (USBCamera) DRV - [2002.05.31 10:35:02 | 000,076,976 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pnp680r.sys -- (Pnp680r) DRV - [2001.11.08 08:53:54 | 000,018,120 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x) DRV - [2001.08.17 13:49:38 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ativmdcd.sys -- (MVDCODEC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0504817B-F19C-4569-BF5F-14CA6DE4EFF1} IE - HKLM\..\SearchScopes\{0504817B-F19C-4569-BF5F-14CA6DE4EFF1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1 IE - HKU\.DEFAULT\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={D9D526D9-B0A4-4083-9E0C-A1AE4BD1A28B}&mid=6e5fa980559247d1884bd1584f327592-06ce4fc639803a2e3563922518183d8e94088cb9&lang=de&ds=tt014&pr=sa&d=2012-03-01 12:18:12&v=12.2.5.32&sap=dsp&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={D9D526D9-B0A4-4083-9E0C-A1AE4BD1A28B}&mid=6e5fa980559247d1884bd1584f327592-06ce4fc639803a2e3563922518183d8e94088cb9&lang=de&ds=tt014&pr=sa&d=2012-03-01 12:18:12&v=12.2.5.32&sap=dsp&q={searchTerms} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Wirtschaft: Wirtschaftsnachrichten von t-online.de/wirtschaft IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{04324A13-C562-44B5-98C3-CB910B1B550C}: "URL" = hxxp://search.chatzum.com/?q={searchTerms} IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{0504817B-F19C-4569-BF5F-14CA6DE4EFF1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109980&tt=290312_bexdll&babsrc=SP_ss&mntrId=209027f10000000000005404a6d4fa58 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{131B38B1-CC5B-4A32-9914-62E0ED1FC19C}: "URL" = [String data over 1000 bytes] IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{342032E5-348C-48BE-BFB2-D336898928C9}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{3AA0DE0F-6691-4E93-A74E-D0A366421803}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{3D20C55B-1C6F-44BB-8B64-6EB4DA52524C}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{65B27F1C-B3AA-42A9-82CF-FF5ED3FED24F}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={D9D526D9-B0A4-4083-9E0C-A1AE4BD1A28B}&mid=6e5fa980559247d1884bd1584f327592-06ce4fc639803a2e3563922518183d8e94088cb9&lang=de&ds=tt014&pr=sa&d=2012-03-01 12:18:12&v=12.2.5.32&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://search.chatzum.com/?q={SearchTerms} IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{9F3786B8-EF7C-407E-AF2C-B49DAA6A0D1E}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = hxxp://search.iminent.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E696D696E656E742E636F6D2F3F61707049643D267265663D746F6F6C626F7826713D7B7365617263685465726D737D&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{D6481E63-37A6-44EA-802B-2BC182D0D96E}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost ========== FireFox ========== FF - prefs.js..CT2319825.browser.search.defaultthis.engineName: true FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.defaultthis.engineName: "4shared.com Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-ffpro" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "searchsafer.com" FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.1.9 FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00 FF - prefs.js..extensions.enabledAddons: {ADFA33FD-16F5-4355-8504-DF4D664CFE83}:1.0.16 FF - prefs.js..extensions.enabledAddons: avg@toolbar:11.1.0.12 FF - prefs.js..extensions.enabledAddons: toolbar@web.de:2.3.3 FF - prefs.js..extensions.enabledAddons: {40c3cc16-7269-4b32-9531-17f2950fb06f}:10.10.27.6 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463 FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.7.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.3 FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3 FF - prefs.js..keyword.URL: "hxxp://utils.chatzum.com/?url=" FF - prefs.js..network.proxy.type: 0 FF - user.js..browser.startup.homepage: "hxxp://www.google.com/" FF - user.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=" FF - user.js..browser.search.selectedEngine: "Google" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.08.30 19:24:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\linkfilter@kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.08.30 19:24:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\KavAntiBanner@Kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.08.30 19:24:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.08 01:53:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.09.08 01:52:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Programme\PriceGong\2.1.0\FF [2010.08.27 22:48:30 | 000,000,000 | ---D | M] [2012.06.01 19:20:47 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions [2008.11.13 03:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2012.10.11 14:27:37 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions [2012.08.22 13:56:32 | 000,000,000 | ---D | M] (4shared.com Community Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} [2010.05.13 03:16:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.08.23 03:04:37 | 000,000,000 | ---D | M] (Winload) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} [2012.05.19 02:09:13 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2011.10.09 19:46:34 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012.07.26 12:46:10 | 000,000,000 | ---D | M] (ChatZum Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83} [2012.02.29 21:46:43 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} [2011.12.23 19:32:32 | 000,000,000 | ---D | M] (DealPly) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2012.07.10 10:13:03 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\avg@toolbar [2011.12.23 19:32:17 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\ffxtlbr@babylon.com [2012.10.02 23:11:56 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\foxmarks@kei.com [2012.03.01 14:22:25 | 000,000,000 | ---D | M] (Yontoo) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\plugin@yontoo.com [2012.10.11 14:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\staged [2012.01.11 08:43:12 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\toolbar@ask.com [2012.10.11 01:27:04 | 000,565,762 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\toolbar@web.de.xpi [2012.10.11 01:27:10 | 000,000,911 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\11-suche.xml [2012.03.30 00:24:50 | 000,001,086 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\ask.xml [2012.03.30 00:24:50 | 000,002,691 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\askcom.xml [2012.03.30 22:00:10 | 000,000,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\conduit.xml [2012.10.11 01:27:10 | 000,002,273 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\englische-ergebnisse.xml [2012.10.11 01:27:10 | 000,010,563 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\gmx-suche.xml [2012.03.30 00:24:50 | 000,002,492 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\google-und-download-suche.xml [2012.10.11 01:27:10 | 000,002,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\lastminute.xml [2012.06.19 21:47:55 | 000,000,641 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\search-web.xml [2011.10.09 19:46:30 | 000,002,520 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\SearchResults.xml [2012.03.30 00:24:50 | 000,002,420 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\SearchTheWeb.xml [2012.06.01 19:20:40 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\Search_Results.xml [2012.10.11 01:27:10 | 000,005,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\webde-suche.xml [2012.03.30 00:24:51 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{044BA39C-AD89-4B4C-B2B0-3517499C48F2}.xml [2012.03.30 00:24:52 | 000,002,079 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{06A29687-A639-4360-9088-A404C00556D1}.xml [2012.03.30 00:24:52 | 000,002,190 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{A75239EF-069B-40AF-831D-CEA4E5C16540}.xml [2012.09.08 01:52:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.09.08 01:52:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012.09.08 01:52:53 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012.09.08 01:52:54 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012.09.08 01:52:54 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com [2012.09.08 01:53:07 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2011.04.02 14:36:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2012.06.20 22:33:33 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.04 04:38:13 | 000,003,771 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml [2012.03.31 20:36:08 | 000,002,353 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml [2012.09.02 00:55:20 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.06.20 22:33:33 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.06.20 22:33:33 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.09 19:46:30 | 000,002,520 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchResults.xml [2012.03.30 00:24:50 | 000,002,314 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchTheWeb.xml [2012.06.01 19:20:40 | 000,002,515 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml [2012.06.20 22:33:33 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.20 22:33:33 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: Search CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.0_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\4.43.0_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.6_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\ O1 HOSTS File: ([2009.10.10 13:27:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - c:\Programme\IMinent Toolbar\tbcore3.dll () O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll () O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - c:\Programme\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent) O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Programme\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.) O2 - BHO: (DataMngr) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\Programme\iMesh Applications\MediaBar\Datamngr\BrowserConnection.dll (iMesh, Inc) O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\Softonic\1.5.24.3\bh\Softonic.dll (Softonic.com) O2 - BHO: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWis0.dll (Conduit Ltd.) O2 - BHO: (XBTBPos00 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\ChatZum Toolbar\tbunsj4D.tmp\tbcore3.dll () O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (ChatZum Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Programme\ChatZum Toolbar\tbunsj4D.tmp\tbcore3.dll () O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll (Softonic.com) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - c:\Programme\IMinent Toolbar\tbcore3.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWis0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\Toolbar\WebBrowser: (WiseConvert Toolbar) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - C:\Programme\WiseConvert\prxtbWis0.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [CommonToolkitTray] c:\Programme\Fighters\Tray\FightersTray.exe (SPAMfighter ApS) O4 - HKLM..\Run: [DATAMNGR] C:\Programme\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc) O4 - HKLM..\Run: [Gtwatch] C:\WINDOWS\Gtwatch.exe () O4 - HKLM..\Run: [HF_G_Jul] C:\Programme\AVG Secure Search\HF_G_Jul.exe () O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Programme\Norton Ghost\Agent\VProTray.exe (Symantec Corporation) O4 - HKLM..\Run: [Ocs_SM] C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe (OCS) O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Programme\AVG Secure Search\ROC_ROC_JULY_P1.exe () O4 - HKLM..\Run: [vProt] C:\Programme\AVG Secure Search\vprot.exe () O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Watch.lnk = C:\WINDOWS\twain_32\A12U16KD\WATCH.exe (Common Group) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 351 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm () O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ADAB9D3-1DB3-49B2-89FC-F454CD73AD07}: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FC1575C-73E5-4A35-B75A-769B11439EBC}: DhcpNameServer = 192.168.2.1 192.168.2.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll () O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Programme\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc) O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Programme\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.10.29 14:53:12 | 000,000,087 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell - "" = AutoRun O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell - "" = AutoRun O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell\AutoRun\command - "" = G:\Startme.exe O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell - "" = AutoRun O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\Auto\command - "" = G:\sxs.exe O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell\AutoRun\command - "" = E:\camera.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353) ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: Microsoft Base Smart Card Crypto Provider Package - NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Watch.lnk - Reg Error: Value error. - File not found MsConfig - StartUpReg: 1und1Dispatcher - hkey= - key= - C:\Programme\1und1Softwareaktualisierung\SchedDispatcher.exe (1&1 Mail & Media GmbH) MsConfig - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: AcronisTimounterMonitor - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: ApnUpdater - hkey= - key= - c:\Programme\Ask.com\Updater\Updater.exe (Ask) MsConfig - StartUpReg: avast - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: CommonToolkitTray - hkey= - key= - C:\Programme\Fighters\Tray\FightersTray.exe (SPAMfighter ApS) MsConfig - StartUpReg: DATAMNGR - hkey= - key= - C:\Programme\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc) MsConfig - StartUpReg: FreePDF Assistant - hkey= - key= - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) MsConfig - StartUpReg: Gtwatch - hkey= - key= - C:\WINDOWS\Gtwatch.exe () MsConfig - StartUpReg: Iminent - hkey= - key= - c:\Programme\Iminent\Iminent.exe (Iminent) MsConfig - StartUpReg: IminentMessenger - hkey= - key= - c:\Programme\Iminent\Iminent.Messengers.exe (Iminent) MsConfig - StartUpReg: itype - hkey= - key= - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) MsConfig - StartUpReg: LDM - hkey= - key= - C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe () MsConfig - StartUpReg: Logitech Hardware Abstraction Layer - hkey= - key= - C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) MsConfig - StartUpReg: MMTray - hkey= - key= - C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (MUSICMATCH, Inc.) MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found MsConfig - StartUpReg: OM2_Monitor - hkey= - key= - C:\Programme\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.) MsConfig - StartUpReg: OM2_Monitor1 - hkey= - key= - C:\Programme\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: QuickTime Task1 - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: QuickTime Task2 - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: Sony Ericsson PC Companion - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: Sony PC Companion - hkey= - key= - C:\Programme\Sony\Sony PC Companion\PCCompanion.exe (Sony) MsConfig - StartUpReg: swg - hkey= - key= - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: swg1 - hkey= - key= - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: SWPROguard - hkey= - key= - File not found MsConfig - StartUpReg: TrueImageMonitor.exe - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: vProt - hkey= - key= - C:\Programme\AVG Secure Search\vprot.exe () MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.MJPG - C:\WINDOWS\System32\mcmjpg32.dll (MainConcept) Drivers32: VIDC.SP54 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus) Drivers32: VIDC.SP55 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus) Drivers32: VIDC.SP56 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus) Drivers32: VIDC.SP57 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus) Drivers32: VIDC.SP58 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus) Drivers32: vidc.VP31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com) Drivers32: vidc.XVID - C:\WINDOWS\System32\xvid.dll () SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.10.11 22:50:49 | 000,000,000 | ---D | C] -- C:\Bereinigung [2012.09.12 06:43:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype [2012.09.12 06:43:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype [2012.09.12 06:43:16 | 000,000,000 | R--D | C] -- C:\Programme\Skype [2006.12.16 13:34:39 | 000,024,192 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Hartmann\usbsermptxp.sys [2006.12.16 13:34:39 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Hartmann\usbsermpt.sys [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.11 23:03:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012.10.11 22:44:00 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.10.11 22:39:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.10.11 20:53:05 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Hartmann-Notification.job [2012.10.11 16:36:17 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2012.10.11 16:36:17 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2012.10.11 13:30:25 | 000,000,402 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{44BE5EBB-6A99-4DE1-B962-E148184E8A04}.job [2012.10.11 12:44:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.10.10 17:15:42 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Hartmann-Startup.job [2012.10.10 17:14:57 | 000,012,682 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.10.10 17:12:08 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job [2012.10.10 17:11:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.10.10 17:11:49 | 000,069,112 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2012.10.10 17:05:21 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.10.09 17:39:52 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.10.09 17:39:52 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.10.08 13:07:36 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX [2012.10.07 15:26:30 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012.09.12 23:27:07 | 000,039,936 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.12 06:43:17 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.11 16:36:17 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2012.10.11 16:36:17 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2012.09.12 06:43:17 | 000,001,872 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [2012.06.19 16:39:23 | 000,922,184 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe [2012.06.19 16:39:22 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys [2012.06.19 16:39:21 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys [2012.04.03 19:54:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI [2012.04.03 18:32:39 | 000,018,120 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\gt680x.sys [2012.03.30 22:54:46 | 000,117,035 | ---- | C] () -- C:\Programme\jquery.yoxview-2.21.zip [2012.03.30 22:12:11 | 007,558,447 | ---- | C] () -- C:\Programme\aemf20.exe [2012.03.29 21:52:18 | 000,015,416 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2012.03.29 21:17:29 | 000,982,196 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin [2012.03.29 21:17:29 | 000,417,344 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin [2012.03.29 21:16:21 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2012.03.28 16:22:51 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\A2dusd.dll [2012.03.28 14:44:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WATCH.INI [2012.03.28 14:20:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\Gtwatch.exe [2012.03.01 14:55:08 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db [2012.03.01 14:52:55 | 000,116,189 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2012.03.01 14:52:55 | 000,098,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2012.02.16 05:44:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.02.03 07:29:50 | 000,211,614 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2011.03.11 13:43:54 | 000,029,763 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat [2010.11.17 08:12:17 | 000,000,087 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\.octave_hist [2010.10.15 14:38:24 | 000,000,244 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\varicad-work.ini [2010.10.14 17:18:34 | 000,000,399 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini [2010.10.14 17:18:27 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini [2010.10.13 16:34:06 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010.04.28 00:14:16 | 000,038,347 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\dsc2099.jpg [2010.01.06 23:44:31 | 000,000,291 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\PropCalc Preferences [2008.09.27 01:47:18 | 000,278,016 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\mdbu.bin [2008.06.20 14:23:06 | 001,487,202 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\test [2007.08.03 23:47:14 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2007.04.25 23:08:24 | 000,093,209 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\mdb.bin [2006.12.16 13:34:39 | 000,007,195 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USBMOT2000.INF [2006.12.16 13:34:39 | 000,005,891 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USBMOT2000XP.INF [2006.12.16 13:34:39 | 000,005,877 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USB_CMCS_2000.INF [2006.10.06 12:39:40 | 000,104,990 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\wtge61ge.HST [2006.09.02 17:25:29 | 000,039,936 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.09.02 16:46:03 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat ========== ZeroAccess Check ========== [2006.09.02 16:45:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > HIer Extras:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 11.10.2012 22:57:36 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Bereinigung Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 65,10% Memory free 6,84 Gb Paging File | 5,47 Gb Available in Paging File | 80,02% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 465,76 Gb Total Space | 287,81 Gb Free Space | 61,79% Space Free | Partition Type: NTFS Drive D: | 596,16 Gb Total Space | 399,23 Gb Free Space | 66,97% Space Free | Partition Type: NTFS Computer Name: MOTIONSIGN | User Name: Hartmann | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung "80:TCP" = 80:TCP:*:Disabled:Windows-Remoteverwaltung - Kompatibilitätsmodus (HTTP eingehend) ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Programme\IPACS\easyFly\easyfly.exe" = C:\Programme\IPACS\easyFly\easyfly.exe:*:Enabled:easyfly -- (IPACS) "C:\Programme\Pinnacle\Studio 10\programs\RM.exe" = C:\Programme\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.) "C:\Programme\Pinnacle\Studio 10\programs\Studio.exe" = C:\Programme\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems) "C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe:*:Enabled:Installationsprogramm für Kaspersky Internet Security 2009 -- (Kaspersky Lab) "C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen -- (Microsoft Corporation) "C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Disabled:backWeb-8876480 -- () "C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.) "C:\Programme\Iminent\Iminent.exe" = C:\Programme\Iminent\Iminent.exe:*:Enabled:Iminent Firewall Rule -- (Iminent) "C:\Programme\Iminent\Iminent.Messengers.exe" = C:\Programme\Iminent\Iminent.Messengers.exe:*:Enabled:Iminent.Messengers Firewall Rule -- (Iminent) "C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- () "C:\Ubisoft\Silent Hunter 5\sh5.exe" = C:\Ubisoft\Silent Hunter 5\sh5.exe:*:Enabled:Silent Hunter 5 -- (Ubisoft) "E:\DVD-Start.exe" = E:\DVD-Start.exe:*:Enabled:Schnellstart-DVD "C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\C06YGF3E\cimatron_e10_german_downloader_142[1].exe" = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\C06YGF3E\cimatron_e10_german_downloader_142[1].exe:*:Enabled:ExpressFilesInstaller "C:\Programme\ExpressFiles\ExpressFiles.exe" = C:\Programme\ExpressFiles\ExpressFiles.exe:*:Enabled:ExpressFiles "C:\Programme\ExpressFiles\ExpressDL.exe" = C:\Programme\ExpressFiles\ExpressDL.exe:*:Enabled:ExpressFilesDL "C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- () "C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator 0.8.0 "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0153A77C-A981-4A1F-BAA9-16A80FBC358A}" = Full Spectrum Warrior "{03CDDD00-BD57-4326-9480-4C74449AF597}" = PhotoStitch "{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC "{095659A2-739F-4D9A-A916-66C7CAD16F9E}" = Canon Camera WIA Driver "{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu "{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12 "{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3 "{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2 "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24 "{295EAB46-0541-497E-9520-83E5CCCDA2AC}" = CADsymbols "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt "{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint "{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English) "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types "{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1" = MiniTool Partition Wizard Home Edition 7.1 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35B8CC58-F128-4169-82EB-0E6CB0C3AFE6}" = ArcSoft PhotoImpression "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10 "{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg "{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox "{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2 "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0 "{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser "{4BD8E034-E0F4-4509-A753-467A8E854CD8}" = Iminent "{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP "{51DDFE79-3B2B-4AC7-8CAD-803D7D0DF6DD}" = MySQL Server 6.0 "{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001 "{59CEACE1-2A1D-4CA7-908C-84CA8596E950}" = Cimatron E 6.0 Deutsche Benutzeroberfläche "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Camera Window "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services "{5EF16AA8-597E-4779-AEF7-1589EA1A7EC4}" = Nokia 6230i Infrared-Handset Manager "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA "{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}" = Roxio PhotoSuite 5 "{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids "{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch) "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A506386-BF2E-4C8E-8BE7-751B028134D2}" = X1TLD-FB "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02 "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS "{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday "{8CA071D3-A3DD-4EDD-A997-AFB178A181C7}" = DaViDeo ultimate "{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}" = Microsoft Visual Basic 2008 Express Edition with SP1 - DEU "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui "{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime "{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2 "{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8 "{9E9DC77E-045B-4A28-990A-30CC4E1E8D80}" = SLOW-PCfighter "{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove "{A166CC47-2B02-427D-9619-58A935C66794}" = Tilgungsplaner Professional 9 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar "{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI (Studio 10) "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A979B2D8-E3EE-4523-A26C-4AF0A6809280}" = Sniper Elite "{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK "{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com "{B0255743-165B-4BD5-8DA8-37DFB9930015}" = Norton Ghost "{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0 "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI "{B3282FB8-874B-4054-8356-9EB391A826F9}" = OLYMPUS muvee theaterPack "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B651B3EC-1827-4CF5-8398-397B789E3151}" = File Viewer Utility 1.2.1 "{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload-Software "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1205500-2179-11D7-B0B9-0000E24D4B29}" = Digital Camera "{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX "{C2490885-D566-405F-889B-670C6CF0F7F2}" = Steganos Live Encryption Engine 17 "{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU "{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU "{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam "{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}" = RemoteCapture 2.7.1 "{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software "{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR "{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = CIG "{DEF2E5A3-0317-4822-B930-8B721EB483E4}" = ArcSoft VideoImpression 1.6 "{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips "{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}" = Lock On: Modern Air Combat "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID (Studio 10) "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.079 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}" = mobile PhoneTools "{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver "{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F40A958E-AABD-4D6F-A0FB-4D78DC02BEEF}" = Cimatron E 6.0 "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS "{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch) "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung "1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer "7-Zip" = 7-Zip 9.20 "Adobe Acrobat 4.0" = Adobe Acrobat 4.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop Elements 1.0" = Adobe Photoshop Elements "Advanced Effect Maker Free Edition_is1" = Advanced Effect Maker Free Edition Version 2 (With VAC 2.0 B1) "ATI Display Driver" = ATI Display Driver "AVG Secure Search" = AVG Security Toolbar "Avidemux 2.5" = Avidemux 2.5 "BabylonToolbar" = Babylon toolbar on IE "BattleStrike_ger" = Battle Strike "BearPaw 2400CS Plus v2.1" = BearPaw 2400CS Plus v2.1 "Biet-O-Matic v2.0.29" = Biet-O-Matic v2.0.29 "bs_thesiege_ger" = BattleStrike The Siege "BVSSOL_is1" = BVS Solitaire Sammlung version 4.0 "CamStudio" = CamStudio "CANONBJ_Deinstall_CNMCP61.DLL" = Canon PIXMA iP3000 "ChatZum Toolbar" = ChatZum Toolbar "Cucusoft Ultimate DVD Converter_is1" = Cucusoft Ultimate DVD Converter 7.15 "DealPly" = DealPly "DesktopIconAmazon" = Desktop Icon für Amazon "Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter 3.0 "easyFly" = easyFly "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox "Evrsoft First Page 2006_is1" = Evrsoft First Page 2006 "Excel" = Microsoft Excel 97 "FEMM_is1" = femm 4.2 09Nov2010 "FileZilla" = FileZilla (remove only) "FlightGear_is1" = FlightGear v1.0.0 "Foto-Mosaik_is1" = Foto-Mosaik 4.1.0 "Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.1 "Free FLV to AVI MP4 3GP WMV MP3 Converter_is1" = Free FLV to AVI MP4 3GP WMV MP3 Converter v2.2 "Free Video Converter_is1" = Free Video Converter V 3.0 "FreePDF_XP" = FreePDF XP (Remove only) "ftp-uploader" = ftp-uploader "GETrans" = GETrans 1.6 "Google Chrome" = Google Chrome "GPL Ghostscript 8.60" = GPL Ghostscript 8.60 "GPL Ghostscript Fonts" = GPL Ghostscript Fonts "Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181 "HDMI" = Intel(R) Graphics Media Accelerator Driver "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "IMBoosterARP" = Iminent "Inno Setup 5_is1" = Inno Setup Version 5.4.2 "InstallShield_{03CDDD00-BD57-4326-9480-4C74449AF597}" = Canon Utilities PhotoStitch 3.1 "InstallShield_{095659A2-739F-4D9A-A916-66C7CAD16F9E}" = Canon EOS 10D WIA-Treiber "InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "InstallShield_{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Canon Camera Window for ZoomBrowser EX "InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2 "InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles "InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III "InstallShield_{B651B3EC-1827-4CF5-8398-397B789E3151}" = Canon Utilities File Viewer Utility 1.2 "InstallShield_{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}" = Canon Utilities RemoteCapture 2.7 "InstallShield_{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = Canon Internet Library for ZoomBrowser EX "InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "Lexmark 7100 Series" = Lexmark 7100 Series "LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation) "MediaNavigation.CDLabelPrint" = CD-LabelPrint "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Visual Basic 2008 Express Edition with SP1 - DEU" = Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "Movies" = Movies "Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero OEM "NetObjects Fusion Essentials" = NetObjects Fusion Essentials "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "Nvu_is1" = Nvu 1.0 "Outlook" = Microsoft Outlook 97 "phase5" = phase5 "PhotoRecord" = Canon PhotoRecord "Picasa 3" = Picasa 3 "PriceGong" = PriceGong 2.1.0 "Redirection Port Monitor" = RedMon - Redirection Port Monitor "Santa Claus in Trouble" = Santa Claus in Trouble "SearchAnonymizer" = SearchAnonymizer "Searchqu 414 MediaBar" = Windows Searchqu Toolbar "Sid Meier's Railroad Tycoon" = Sid Meier's Railroad Tycoon "SLOW-PCfighter" = SLOW-PCfighter "Softonic" = Softonic toolbar on IE "Sunplus CA533A" = Icatch(IV) Camera Driver "Switch" = Switch "Take ONE 4" = Take ONE 4 "The Royal Marines Commando_is1" = The Royal Marines Commando (1.0) "U-Boote: Schlacht im Mittelmeer" = U-Boote: Schlacht im Mittelmeer "Uninstall_is1" = Uninstall 1.0.0.1 "Update Engine" = Sony Ericsson Update Engine "VariCAD_20100828_DE" = VariCAD 2010-3.00 DE "VariCADViewer_20100828_DE" = VariCAD Viewer 2010-3.00 DE "Verbose" = Verbose Uninstall "VLC media player" = VLC media player 1.1.5 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Web Diashow_is1" = Web Diashow "Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.5 "WIC" = Windows Imaging Component "Wincore MediaBar" = Wincore MediaBar "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "Winload Toolbar" = Winload Toolbar "WinRAR archiver" = WinRAR "WiseConvert Toolbar" = WiseConvert Toolbar "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Word8.0" = Microsoft Word 97 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08.10.2012 09:06:46 | Computer Name = MOTIONSIGN | Source = Windows Search Service | ID = 3013 Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\HARTMANN\EIGENE DATEIEN\EIGENE BILDER\OLYMPUS MASTER 2\2012\10\06\ERSATZTEIL.JPG> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error - 09.10.2012 10:23:26 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 09.10.2012 20:31:16 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 09.10.2012 20:32:54 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 09.10.2012 22:27:55 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 10.10.2012 07:51:22 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 10.10.2012 07:51:34 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 10.10.2012 19:26:55 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 11.10.2012 16:56:22 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung OTL.exe, Version 3.2.69.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 11.10.2012 16:56:28 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung OTL.exe, Version 3.2.69.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. [ OSession Events ] Error - 15.10.2010 20:11:32 | Computer Name = MOTIONSIGN | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1087 seconds with 720 seconds of active time. This session ended with a crash. Error - 22.04.2011 13:51:10 | Computer Name = MOTIONSIGN | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2643 seconds with 2160 seconds of active time. This session ended with a crash. [ System Events ] Error - 10.10.2012 11:02:34 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7009 Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows Search. Error - 10.10.2012 11:02:34 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 10.10.2012 11:03:01 | Computer Name = MOTIONSIGN | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1053" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error - 10.10.2012 11:03:01 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7009 Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows Search. Error - 10.10.2012 11:03:01 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 10.10.2012 11:05:01 | Computer Name = MOTIONSIGN | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1053" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error - 10.10.2012 11:05:02 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7009 Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows Search. Error - 10.10.2012 11:05:02 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 10.10.2012 11:14:34 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Acronis Scheduler2 Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 10.10.2012 11:14:34 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058 < End of report > Habe nun das aswmbr ausführen wollen. Da meldet mir kapersky, daß eine hohe Gefahr besteht (Risikoindex 100 %), 0% der Benutzer vertrauen dem Programm. Soll ich es dennoch ausführen? Tina |
12.10.2012, 18:34 | #6 |
/// TB-Ausbilder | Wieder CahtZum Servus, ja, bitte wie beschrieben ausführen und die Logdatei posten. Das Gleiche gilt für TDSSKiller. |
13.10.2012, 00:12 | #7 |
| Wieder CahtZum aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-10-13 00:06:19 ----------------------------- 00:06:19.968 OS Version: Windows 5.1.2600 Service Pack 3 00:06:19.968 Number of processors: 2 586 0x605 00:06:19.968 ComputerName: MOTIONSIGN UserName: Hartmann 00:06:22.421 Initialize success 00:13:52.906 AVAST engine defs: 12101202 00:14:11.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-f 00:14:11.031 Disk 0 Vendor: SAMSUNG_HD501LJ CR100-13 Size: 476940MB BusType: 3 00:14:11.031 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-17 00:14:11.031 Disk 1 Vendor: SAMSUNG_HD642JJ 1AA01118 Size: 610480MB BusType: 3 00:14:11.046 Disk 0 MBR read successfully 00:14:11.046 Disk 0 MBR scan 00:14:11.062 Disk 0 Windows XP default MBR code 00:14:11.062 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476937 MB offset 63 00:14:11.062 Disk 0 scanning sectors +976768065 00:14:11.140 Disk 0 scanning C:\WINDOWS\system32\drivers 00:14:25.500 Service scanning 00:14:33.093 Service KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys **LOCKED** 5 00:14:33.453 Service kl2 C:\WINDOWS\system32\DRIVERS\kl2.sys **LOCKED** 5 00:14:33.921 Service klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 5 00:14:33.937 Service klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 5 00:14:49.000 Modules scanning 00:14:54.546 Disk 0 trace - called modules: 00:14:54.562 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys pciide.sys PCIIDEX.SYS 00:14:54.562 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ac52ab8] 00:14:54.578 3 CLASSPNP.SYS[f7667fd7] -> nt!IofCallDriver -> \Device\00000081[0x8abbf9e8] 00:14:54.578 5 ACPI.sys[f75ad620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-f[0x8ac3cd98] 00:14:54.578 \Driver\atapi[0x8ac57d20] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> sfsync02.sys[0xf76388b4] 00:14:55.546 AVAST engine scan C:\WINDOWS 00:15:16.875 AVAST engine scan C:\WINDOWS\system32 00:19:44.781 AVAST engine scan C:\WINDOWS\system32\drivers 00:20:19.406 AVAST engine scan C:\Dokumente und Einstellungen\Hartmann 00:56:46.640 AVAST engine scan C:\Dokumente und Einstellungen\All Users 01:11:03.843 Scan finished successfully 01:11:23.140 Disk 0 MBR has been saved successfully to "C:\Bereinigung\MBR.dat" 01:11:23.140 The log file has been saved successfully to "C:\Bereinigung\aswMBR.txt" 01:13:09.0734 3608 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 01:13:09.0890 3608 ============================================================ 01:13:09.0890 3608 Current date / time: 2012/10/13 01:13:09.0890 01:13:09.0890 3608 SystemInfo: 01:13:09.0890 3608 01:13:09.0890 3608 OS Version: 5.1.2600 ServicePack: 3.0 01:13:09.0890 3608 Product type: Workstation 01:13:09.0890 3608 ComputerName: MOTIONSIGN 01:13:09.0890 3608 UserName: Hartmann 01:13:09.0890 3608 Windows directory: C:\WINDOWS 01:13:09.0890 3608 System windows directory: C:\WINDOWS 01:13:09.0890 3608 Processor architecture: Intel x86 01:13:09.0890 3608 Number of processors: 2 01:13:09.0890 3608 Page size: 0x1000 01:13:09.0890 3608 Boot type: Normal boot 01:13:09.0890 3608 ============================================================ 01:13:10.0968 3608 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 01:13:10.0984 3608 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 01:13:10.0984 3608 ============================================================ 01:13:10.0984 3608 \Device\Harddisk0\DR0: 01:13:10.0984 3608 MBR partitions: 01:13:10.0984 3608 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02 01:13:10.0984 3608 \Device\Harddisk1\DR1: 01:13:10.0984 3608 MBR partitions: 01:13:10.0984 3608 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852FC1 01:13:10.0984 3608 ============================================================ 01:13:11.0015 3608 C: <-> \Device\Harddisk0\DR0\Partition1 01:13:11.0031 3608 D: <-> \Device\Harddisk1\DR1\Partition1 01:13:11.0031 3608 ============================================================ 01:13:11.0031 3608 Initialize success 01:13:11.0031 3608 ============================================================ 01:13:19.0500 6096 ============================================================ 01:13:19.0500 6096 Scan started 01:13:19.0500 6096 Mode: Manual; 01:13:19.0500 6096 ============================================================ 01:13:21.0093 6096 ================ Scan system memory ======================== 01:13:21.0093 6096 System memory - ok 01:13:21.0093 6096 ================ Scan services ============================= 01:13:21.0218 6096 Abiosdsk - ok 01:13:21.0218 6096 abp480n5 - ok 01:13:21.0265 6096 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 01:13:21.0265 6096 ACPI - ok 01:13:21.0296 6096 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 01:13:21.0312 6096 ACPIEC - ok 01:13:21.0375 6096 AcrSch2Svc - ok 01:13:21.0453 6096 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 01:13:21.0468 6096 AdobeFlashPlayerUpdateSvc - ok 01:13:21.0468 6096 adpu160m - ok 01:13:21.0515 6096 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 01:13:21.0515 6096 aec - ok 01:13:21.0578 6096 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys 01:13:21.0578 6096 Afc - ok 01:13:21.0625 6096 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 01:13:21.0625 6096 AFD - ok 01:13:21.0625 6096 Aha154x - ok 01:13:21.0625 6096 aic78u2 - ok 01:13:21.0640 6096 aic78xx - ok 01:13:21.0718 6096 [ 4E0ACA5290B2966F24C45250A56C2DA1 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS 01:13:21.0750 6096 ALCXWDM - ok 01:13:21.0796 6096 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 01:13:21.0796 6096 Alerter - ok 01:13:21.0812 6096 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 01:13:21.0812 6096 ALG - ok 01:13:21.0828 6096 AliIde - ok 01:13:21.0906 6096 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys 01:13:21.0921 6096 Ambfilt - ok 01:13:22.0000 6096 [ E6A2299284013EC4DE3419481A62069F ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 01:13:22.0000 6096 AmdK8 - ok 01:13:22.0000 6096 amsint - ok 01:13:22.0015 6096 AppMgmt - ok 01:13:22.0015 6096 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 01:13:22.0015 6096 Arp1394 - ok 01:13:22.0062 6096 [ 875F9079CABEE679D34B49E466B61701 ] ASAPIW2K C:\WINDOWS\system32\Drivers\ASAPIW2K.sys 01:13:22.0062 6096 ASAPIW2K - ok 01:13:22.0062 6096 asc - ok 01:13:22.0062 6096 asc3350p - ok 01:13:22.0062 6096 asc3550 - ok 01:13:22.0109 6096 [ EB62FA6D7DA4E774E47D376E4D19CA5F ] Aspi32 C:\WINDOWS\system32\drivers\aspi32.sys 01:13:22.0125 6096 Aspi32 - ok 01:13:22.0234 6096 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 01:13:22.0250 6096 aspnet_state - ok 01:13:22.0281 6096 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 01:13:22.0281 6096 AsyncMac - ok 01:13:22.0312 6096 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 01:13:22.0312 6096 atapi - ok 01:13:22.0312 6096 Atdisk - ok 01:13:22.0359 6096 [ ECA673779ECD27D674953D692FE070F6 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 01:13:22.0375 6096 Ati HotKey Poller - ok 01:13:22.0421 6096 [ 1428C586BB318E1404575834E428ADDD ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe 01:13:22.0437 6096 ATI Smart - ok 01:13:22.0515 6096 [ 15B2FE76E2ECEB98C49ED52311A6F26F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 01:13:22.0562 6096 ati2mtag - ok 01:13:22.0593 6096 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 01:13:22.0593 6096 Atmarpc - ok 01:13:22.0625 6096 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 01:13:22.0625 6096 AudioSrv - ok 01:13:22.0656 6096 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 01:13:22.0656 6096 audstub - ok 01:13:22.0656 6096 AVFSFilter - ok 01:13:22.0687 6096 [ 6F76908F065C3C151C4BFCA7DFD86979 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys 01:13:22.0687 6096 avgtp - ok 01:13:22.0765 6096 [ 2718DC27571BD1E37813F5759D2DC118 ] AVP C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe 01:13:22.0765 6096 AVP - ok 01:13:22.0796 6096 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 01:13:22.0796 6096 Beep - ok 01:13:22.0843 6096 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 01:13:22.0843 6096 BITS - ok 01:13:22.0875 6096 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 01:13:22.0875 6096 Browser - ok 01:13:22.0890 6096 btaudio - ok 01:13:22.0890 6096 BTDriver - ok 01:13:22.0890 6096 BTKRNL - ok 01:13:22.0906 6096 BTWDNDIS - ok 01:13:22.0906 6096 BTWUSB - ok 01:13:22.0937 6096 [ A8EAE8E358DE3A21E6EB54F4FC7F65EC ] Ca533av C:\WINDOWS\system32\Drivers\Ca533av.sys 01:13:22.0953 6096 Ca533av - ok 01:13:22.0953 6096 catchme - ok 01:13:22.0984 6096 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 01:13:22.0984 6096 cbidf2k - ok 01:13:23.0015 6096 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 01:13:23.0015 6096 CCDECODE - ok 01:13:23.0015 6096 cd20xrnt - ok 01:13:23.0062 6096 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 01:13:23.0062 6096 Cdaudio - ok 01:13:23.0062 6096 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 01:13:23.0062 6096 Cdfs - ok 01:13:23.0093 6096 [ BF79E659C506674C0497CC9C61F1A165 ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys 01:13:23.0093 6096 Cdr4_xp - ok 01:13:23.0109 6096 [ 2C41CD49D82D5FD85C72D57B6CA25471 ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys 01:13:23.0109 6096 Cdralw2k - ok 01:13:23.0125 6096 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 01:13:23.0125 6096 Cdrom - ok 01:13:23.0125 6096 Changer - ok 01:13:23.0171 6096 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 01:13:23.0171 6096 CiSvc - ok 01:13:23.0187 6096 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 01:13:23.0187 6096 ClipSrv - ok 01:13:23.0203 6096 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 01:13:23.0250 6096 clr_optimization_v2.0.50727_32 - ok 01:13:23.0343 6096 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 01:13:23.0343 6096 clr_optimization_v4.0.30319_32 - ok 01:13:23.0343 6096 CmdIde - ok 01:13:23.0343 6096 COMSysApp - ok 01:13:23.0359 6096 Cpqarray - ok 01:13:23.0390 6096 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 01:13:23.0390 6096 CryptSvc - ok 01:13:23.0406 6096 dac2w2k - ok 01:13:23.0406 6096 dac960nt - ok 01:13:23.0453 6096 [ B7EF38C2C22A7805DE919CFF5E16A372 ] dc3d C:\WINDOWS\system32\DRIVERS\dc3d.sys 01:13:23.0453 6096 dc3d - ok 01:13:23.0500 6096 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 01:13:23.0500 6096 DcomLaunch - ok 01:13:23.0515 6096 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 01:13:23.0515 6096 Dhcp - ok 01:13:23.0531 6096 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 01:13:23.0531 6096 Disk - ok 01:13:23.0546 6096 dmadmin - ok 01:13:23.0562 6096 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 01:13:23.0578 6096 dmboot - ok 01:13:23.0593 6096 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 01:13:23.0609 6096 dmio - ok 01:13:23.0625 6096 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 01:13:23.0625 6096 dmload - ok 01:13:23.0656 6096 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 01:13:23.0656 6096 dmserver - ok 01:13:23.0687 6096 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 01:13:23.0687 6096 DMusic - ok 01:13:23.0718 6096 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 01:13:23.0734 6096 Dnscache - ok 01:13:23.0765 6096 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 01:13:23.0765 6096 Dot3svc - ok 01:13:23.0765 6096 dpti2o - ok 01:13:23.0781 6096 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 01:13:23.0781 6096 drmkaud - ok 01:13:23.0812 6096 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 01:13:23.0812 6096 EapHost - ok 01:13:23.0859 6096 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 01:13:23.0859 6096 ERSvc - ok 01:13:23.0890 6096 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 01:13:23.0906 6096 Eventlog - ok 01:13:23.0953 6096 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 01:13:23.0953 6096 EventSystem - ok 01:13:23.0953 6096 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 01:13:23.0953 6096 Fastfat - ok 01:13:24.0000 6096 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 01:13:24.0000 6096 FastUserSwitchingCompatibility - ok 01:13:24.0031 6096 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 01:13:24.0031 6096 Fdc - ok 01:13:24.0062 6096 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 01:13:24.0062 6096 Fips - ok 01:13:24.0078 6096 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 01:13:24.0078 6096 Flpydisk - ok 01:13:24.0093 6096 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 01:13:24.0109 6096 FltMgr - ok 01:13:24.0187 6096 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 01:13:24.0187 6096 FontCache3.0.0.0 - ok 01:13:24.0203 6096 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 01:13:24.0203 6096 Fs_Rec - ok 01:13:24.0218 6096 FTD2XX - ok 01:13:24.0218 6096 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 01:13:24.0218 6096 Ftdisk - ok 01:13:24.0250 6096 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 01:13:24.0250 6096 GEARAspiWDM - ok 01:13:24.0281 6096 [ 69F8F310654D699C7E5BD5C67279980F ] GenericMount C:\WINDOWS\system32\DRIVERS\GenericMount.sys 01:13:24.0281 6096 GenericMount - ok 01:13:24.0406 6096 [ 5F0F786D91087C0A76C3EF689A51CA48 ] GenericMount Helper Service C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe 01:13:24.0421 6096 GenericMount Helper Service - ok 01:13:24.0468 6096 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\WINDOWS\system32\DRIVERS\ggflt.sys 01:13:24.0468 6096 ggflt - ok 01:13:24.0500 6096 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\WINDOWS\system32\DRIVERS\ggsemc.sys 01:13:24.0500 6096 ggsemc - ok 01:13:24.0500 6096 GMSIPCI - ok 01:13:24.0531 6096 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 01:13:24.0531 6096 Gpc - ok 01:13:24.0562 6096 [ 4A2102DDF08472527B4872FA68EE87D1 ] GT680x C:\WINDOWS\system32\Drivers\gt680x.sys 01:13:24.0562 6096 GT680x - ok 01:13:24.0671 6096 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 01:13:24.0671 6096 gupdate - ok 01:13:24.0687 6096 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 01:13:24.0687 6096 gupdatem - ok 01:13:24.0734 6096 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 01:13:24.0734 6096 gusvc - ok 01:13:24.0796 6096 [ ED32D389F8B0E74E400932E020BCFBDF ] Hardlock C:\WINDOWS\system32\drivers\hardlock.sys 01:13:24.0796 6096 Hardlock - ok 01:13:24.0859 6096 [ 2DD25F060DC9F79B5CDF33D90ED93669 ] Haspnt C:\WINDOWS\system32\drivers\Haspnt.sys 01:13:24.0859 6096 Haspnt - ok 01:13:24.0875 6096 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 01:13:24.0875 6096 HDAudBus - ok 01:13:24.0968 6096 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 01:13:24.0968 6096 helpsvc - ok 01:13:25.0000 6096 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 01:13:25.0015 6096 HidServ - ok 01:13:25.0015 6096 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 01:13:25.0015 6096 hidusb - ok 01:13:25.0062 6096 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 01:13:25.0062 6096 hkmsvc - ok 01:13:25.0062 6096 hpn - ok 01:13:25.0109 6096 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 01:13:25.0125 6096 HTTP - ok 01:13:25.0156 6096 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 01:13:25.0156 6096 HTTPFilter - ok 01:13:25.0171 6096 i2omgmt - ok 01:13:25.0171 6096 i2omp - ok 01:13:25.0187 6096 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 01:13:25.0187 6096 i8042prt - ok 01:13:25.0250 6096 [ 696A461DD24EA039E0521877CB944BE3 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 01:13:25.0281 6096 ialm - ok 01:13:25.0390 6096 [ 6F95324909B502E2651442C1548AB12F ] IDriverT c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe 01:13:25.0390 6096 IDriverT - ok 01:13:25.0453 6096 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 01:13:25.0468 6096 idsvc - ok 01:13:25.0500 6096 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 01:13:25.0500 6096 Imapi - ok 01:13:25.0546 6096 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 01:13:25.0546 6096 ImapiService - ok 01:13:25.0546 6096 ini910u - ok 01:13:25.0718 6096 [ 9D04EE981B9F2AD4AFEDD5CF376F3148 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 01:13:25.0796 6096 IntcAzAudAddService - ok 01:13:25.0796 6096 IntelIde - ok 01:13:25.0828 6096 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 01:13:25.0828 6096 intelppm - ok 01:13:25.0843 6096 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 01:13:25.0843 6096 Ip6Fw - ok 01:13:25.0875 6096 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 01:13:25.0875 6096 IpFilterDriver - ok 01:13:25.0890 6096 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 01:13:25.0890 6096 IpInIp - ok 01:13:25.0921 6096 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 01:13:25.0937 6096 IpNat - ok 01:13:25.0953 6096 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 01:13:25.0953 6096 IPSec - ok 01:13:26.0000 6096 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 01:13:26.0000 6096 irda - ok 01:13:26.0015 6096 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 01:13:26.0015 6096 IRENUM - ok 01:13:26.0046 6096 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll 01:13:26.0046 6096 Irmon - ok 01:13:26.0078 6096 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 01:13:26.0078 6096 isapnp - ok 01:13:26.0187 6096 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe 01:13:26.0203 6096 JavaQuickStarterService - ok 01:13:26.0218 6096 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 01:13:26.0234 6096 Kbdclass - ok 01:13:26.0234 6096 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 01:13:26.0234 6096 kbdhid - ok 01:13:26.0265 6096 [ 186B54479D98E48AEE0E9ADA4B3C4D31 ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys 01:13:26.0265 6096 KL1 - ok 01:13:26.0281 6096 [ BF485BFBA13C0AB116701FD9C55324D0 ] kl2 C:\WINDOWS\system32\DRIVERS\kl2.sys 01:13:26.0281 6096 kl2 - ok 01:13:26.0328 6096 [ 5D92A03045A6A98708975B3D77B39A36 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys 01:13:26.0328 6096 KLIF - ok 01:13:26.0375 6096 [ 96A7EC308A93DA26DFE481308BAAC2A2 ] klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys 01:13:26.0375 6096 klim5 - ok 01:13:26.0375 6096 [ 3959530F69E19DA56F1F24F2C89F1E2C ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys 01:13:26.0375 6096 klmouflt - ok 01:13:26.0406 6096 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 01:13:26.0406 6096 kmixer - ok 01:13:26.0406 6096 KodakCCS - ok 01:13:26.0437 6096 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 01:13:26.0437 6096 KSecDD - ok 01:13:26.0468 6096 [ 0A2E5A1963708AEE3BEE39D17726D736 ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys 01:13:26.0468 6096 L1c - ok 01:13:26.0484 6096 [ FD1D572C705BD70953621DA8334F5A5C ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys 01:13:26.0484 6096 L8042mou - ok 01:13:26.0531 6096 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 01:13:26.0531 6096 lanmanserver - ok 01:13:26.0578 6096 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 01:13:26.0578 6096 lanmanworkstation - ok 01:13:26.0593 6096 lbrtfdc - ok 01:13:26.0609 6096 [ 6F6FED015CD3D33A048F9FC40F42E076 ] LHidKe C:\WINDOWS\system32\DRIVERS\LHidKE.Sys 01:13:26.0609 6096 LHidKe - ok 01:13:26.0625 6096 [ C9FEEB4604C303CBD68E0A6780B5F50C ] LHidUsbK C:\WINDOWS\system32\Drivers\LHidUsbK.Sys 01:13:26.0625 6096 LHidUsbK - ok 01:13:26.0734 6096 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 01:13:26.0765 6096 LiveUpdate - ok 01:13:26.0781 6096 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 01:13:26.0781 6096 LmHosts - ok 01:13:26.0796 6096 [ E424EB5F4FCF486490A17BEA3DFC64A9 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys 01:13:26.0796 6096 LMouKE - ok 01:13:26.0796 6096 lxbx_device - ok 01:13:26.0859 6096 [ D57A920490362C89A0EF2A61FE249AFA ] MA-620 C:\WINDOWS\system32\DRIVERS\MA-620.sys 01:13:26.0859 6096 MA-620 - ok 01:13:26.0875 6096 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 01:13:26.0875 6096 Messenger - ok 01:13:26.0921 6096 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 01:13:26.0921 6096 mnmdd - ok 01:13:26.0953 6096 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 01:13:26.0953 6096 mnmsrvc - ok 01:13:27.0000 6096 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 01:13:27.0000 6096 Modem - ok 01:13:27.0062 6096 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys 01:13:27.0078 6096 Monfilt - ok 01:13:27.0109 6096 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 01:13:27.0109 6096 Mouclass - ok 01:13:27.0109 6096 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 01:13:27.0109 6096 mouhid - ok 01:13:27.0140 6096 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 01:13:27.0140 6096 MountMgr - ok 01:13:27.0187 6096 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 01:13:27.0187 6096 MozillaMaintenance - ok 01:13:27.0187 6096 mraid35x - ok 01:13:27.0218 6096 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 01:13:27.0218 6096 MRxDAV - ok 01:13:27.0265 6096 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 01:13:27.0265 6096 MRxSmb - ok 01:13:27.0312 6096 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 01:13:27.0312 6096 MSDTC - ok 01:13:27.0343 6096 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 01:13:27.0343 6096 Msfs - ok 01:13:27.0359 6096 [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys 01:13:27.0359 6096 MSIRCOMM - ok 01:13:27.0375 6096 MSIServer - ok 01:13:27.0375 6096 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 01:13:27.0375 6096 MSKSSRV - ok 01:13:27.0406 6096 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 01:13:27.0406 6096 MSPCLOCK - ok 01:13:27.0406 6096 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 01:13:27.0406 6096 MSPQM - ok 01:13:27.0437 6096 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 01:13:27.0437 6096 mssmbios - ok 01:13:27.0515 6096 MSSQL$SQLEXPRESS - ok 01:13:27.0593 6096 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Programme\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 01:13:27.0593 6096 MSSQLServerADHelper100 - ok 01:13:27.0609 6096 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 01:13:27.0609 6096 MSTEE - ok 01:13:27.0625 6096 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 01:13:27.0625 6096 Mup - ok 01:13:27.0656 6096 [ FC3EB08186946EB22370DE70F778DF08 ] MVDCODEC C:\WINDOWS\system32\DRIVERS\ativmdcd.sys 01:13:27.0656 6096 MVDCODEC - ok 01:13:27.0687 6096 [ E91FC8B52D21E38317DC61A3C7CCFA4B ] MxlW2k C:\WINDOWS\system32\drivers\MxlW2k.sys 01:13:27.0687 6096 MxlW2k - ok 01:13:27.0718 6096 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 01:13:27.0718 6096 NABTSFEC - ok 01:13:27.0750 6096 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 01:13:27.0750 6096 napagent - ok 01:13:27.0765 6096 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 01:13:27.0765 6096 NDIS - ok 01:13:27.0796 6096 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 01:13:27.0796 6096 NdisIP - ok 01:13:27.0843 6096 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 01:13:27.0843 6096 NdisTapi - ok 01:13:27.0843 6096 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 01:13:27.0859 6096 Ndisuio - ok 01:13:27.0875 6096 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 01:13:27.0875 6096 NdisWan - ok 01:13:27.0906 6096 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 01:13:27.0906 6096 NDProxy - ok 01:13:27.0953 6096 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 01:13:27.0953 6096 NetBIOS - ok 01:13:27.0968 6096 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 01:13:27.0984 6096 NetBT - ok 01:13:28.0015 6096 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 01:13:28.0015 6096 NetDDE - ok 01:13:28.0015 6096 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 01:13:28.0031 6096 NetDDEdsdm - ok 01:13:28.0046 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 01:13:28.0062 6096 Netlogon - ok 01:13:28.0093 6096 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 01:13:28.0109 6096 Netman - ok 01:13:28.0140 6096 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 01:13:28.0140 6096 NetTcpPortSharing - ok 01:13:28.0140 6096 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 01:13:28.0140 6096 NIC1394 - ok 01:13:28.0187 6096 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 01:13:28.0187 6096 Nla - ok 01:13:28.0375 6096 [ A1787754952A0B700E386DC7C5FA5726 ] Norton Ghost C:\Programme\Norton Ghost\Agent\VProSvc.exe 01:13:28.0437 6096 Norton Ghost - ok 01:13:28.0468 6096 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 01:13:28.0468 6096 Npfs - ok 01:13:28.0515 6096 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 01:13:28.0515 6096 Ntfs - ok 01:13:28.0531 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 01:13:28.0531 6096 NtLmSsp - ok 01:13:28.0578 6096 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 01:13:28.0593 6096 NtmsSvc - ok 01:13:28.0609 6096 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 01:13:28.0609 6096 Null - ok 01:13:28.0625 6096 [ E4F1F95A6BBBFBBFF9A713C6063AA2CB ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys 01:13:28.0640 6096 nvatabus - ok 01:13:28.0656 6096 [ 812F45DA883BDB87C5960B25295A7E9C ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 01:13:28.0656 6096 NVENETFD - ok 01:13:28.0687 6096 [ 507B332B431392ED37C23B7CFB66DCF7 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 01:13:28.0687 6096 nvnetbus - ok 01:13:28.0734 6096 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 01:13:28.0734 6096 NwlnkFlt - ok 01:13:28.0734 6096 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 01:13:28.0734 6096 NwlnkFwd - ok 01:13:28.0875 6096 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE 01:13:28.0890 6096 odserv - ok 01:13:28.0906 6096 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 01:13:28.0906 6096 ohci1394 - ok 01:13:28.0937 6096 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 01:13:28.0937 6096 ose - ok 01:13:29.0000 6096 [ 4A410C7AEA51123519C20D43A20BCE96 ] PAC207 C:\WINDOWS\system32\DRIVERS\PFC027.SYS 01:13:29.0015 6096 PAC207 - ok 01:13:29.0031 6096 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 01:13:29.0031 6096 Parport - ok 01:13:29.0031 6096 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 01:13:29.0031 6096 PartMgr - ok 01:13:29.0078 6096 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 01:13:29.0078 6096 ParVdm - ok 01:13:29.0093 6096 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 01:13:29.0109 6096 PCI - ok 01:13:29.0109 6096 PCIDump - ok 01:13:29.0125 6096 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 01:13:29.0125 6096 PCIIde - ok 01:13:29.0156 6096 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINDOWS\system32\drivers\pclepci.sys 01:13:29.0156 6096 PCLEPCI - ok 01:13:29.0156 6096 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 01:13:29.0156 6096 Pcmcia - ok 01:13:29.0171 6096 PDCOMP - ok 01:13:29.0171 6096 PDFRAME - ok 01:13:29.0171 6096 PDRELI - ok 01:13:29.0187 6096 PDRFRAME - ok 01:13:29.0187 6096 perc2 - ok 01:13:29.0187 6096 perc2hib - ok 01:13:29.0218 6096 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 01:13:29.0218 6096 PlugPlay - ok 01:13:29.0250 6096 [ 3ABDF04C0137F45568D5E960E7D5D73A ] PMUSB2G C:\WINDOWS\system32\Drivers\PMUSB.sys 01:13:29.0250 6096 PMUSB2G - ok 01:13:29.0265 6096 [ A1D7A9214B71EBBB6F31CB84AAC15525 ] Pnp680r C:\WINDOWS\system32\DRIVERS\pnp680r.sys 01:13:29.0265 6096 Pnp680r - ok 01:13:29.0265 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 01:13:29.0265 6096 PolicyAgent - ok 01:13:29.0312 6096 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 01:13:29.0312 6096 PptpMiniport - ok 01:13:29.0359 6096 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 01:13:29.0359 6096 Processor - ok 01:13:29.0359 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 01:13:29.0359 6096 ProtectedStorage - ok 01:13:29.0375 6096 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 01:13:29.0375 6096 PSched - ok 01:13:29.0390 6096 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 01:13:29.0390 6096 Ptilink - ok 01:13:29.0421 6096 [ 681AE4F1927FE0FDEEE2863F1684088D ] pwdrvio C:\WINDOWS\system32\pwdrvio.sys 01:13:29.0421 6096 pwdrvio - ok 01:13:29.0468 6096 [ BC60895CE021309EBD887D2F22055654 ] pwdspio C:\WINDOWS\system32\pwdspio.sys 01:13:29.0468 6096 pwdspio - ok 01:13:29.0515 6096 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 01:13:29.0515 6096 PxHelp20 - ok 01:13:29.0515 6096 ql1080 - ok 01:13:29.0515 6096 Ql10wnt - ok 01:13:29.0531 6096 ql12160 - ok 01:13:29.0531 6096 ql1240 - ok 01:13:29.0531 6096 ql1280 - ok 01:13:29.0578 6096 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 01:13:29.0578 6096 RasAcd - ok 01:13:29.0593 6096 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 01:13:29.0593 6096 RasAuto - ok 01:13:29.0625 6096 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 01:13:29.0625 6096 Rasirda - ok 01:13:29.0625 6096 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 01:13:29.0625 6096 Rasl2tp - ok 01:13:29.0671 6096 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 01:13:29.0671 6096 RasMan - ok 01:13:29.0671 6096 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 01:13:29.0671 6096 RasPppoe - ok 01:13:29.0687 6096 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 01:13:29.0687 6096 Raspti - ok 01:13:29.0718 6096 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 01:13:29.0734 6096 Rdbss - ok 01:13:29.0750 6096 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 01:13:29.0750 6096 RDPCDD - ok 01:13:29.0796 6096 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 01:13:29.0796 6096 RDPWD - ok 01:13:29.0812 6096 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 01:13:29.0828 6096 RDSessMgr - ok 01:13:29.0859 6096 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 01:13:29.0859 6096 redbook - ok 01:13:29.0875 6096 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 01:13:29.0875 6096 RemoteAccess - ok 01:13:29.0906 6096 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 01:13:29.0906 6096 RpcLocator - ok 01:13:29.0937 6096 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\System32\rpcss.dll 01:13:29.0937 6096 RpcSs - ok 01:13:30.0000 6096 [ FEDD2710B75BE3ECF078ADACE790C423 ] RsFx0102 C:\WINDOWS\system32\DRIVERS\RsFx0102.sys 01:13:30.0000 6096 RsFx0102 - ok 01:13:30.0031 6096 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 01:13:30.0031 6096 RSVP - ok 01:13:30.0062 6096 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\WINDOWS\system32\DRIVERS\s0016bus.sys 01:13:30.0062 6096 s0016bus - ok 01:13:30.0109 6096 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys 01:13:30.0109 6096 s0016mdfl - ok 01:13:30.0140 6096 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\WINDOWS\system32\DRIVERS\s0016mdm.sys 01:13:30.0156 6096 s0016mdm - ok 01:13:30.0187 6096 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys 01:13:30.0187 6096 s0016mgmt - ok 01:13:30.0218 6096 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\WINDOWS\system32\DRIVERS\s0016nd5.sys 01:13:30.0218 6096 s0016nd5 - ok 01:13:30.0250 6096 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\WINDOWS\system32\DRIVERS\s0016obex.sys 01:13:30.0250 6096 s0016obex - ok 01:13:30.0296 6096 [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic C:\WINDOWS\system32\DRIVERS\s0016unic.sys 01:13:30.0296 6096 s0016unic - ok 01:13:30.0312 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 01:13:30.0312 6096 SamSs - ok 01:13:30.0343 6096 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 01:13:30.0359 6096 SCardSvr - ok 01:13:30.0390 6096 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 01:13:30.0390 6096 Schedule - ok 01:13:30.0515 6096 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe 01:13:30.0515 6096 SearchAnonymizer - ok 01:13:30.0546 6096 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 01:13:30.0546 6096 Secdrv - ok 01:13:30.0578 6096 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 01:13:30.0578 6096 seclogon - ok 01:13:30.0593 6096 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 01:13:30.0593 6096 SENS - ok 01:13:30.0625 6096 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 01:13:30.0625 6096 serenum - ok 01:13:30.0625 6096 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 01:13:30.0640 6096 Serial - ok 01:13:30.0703 6096 [ 0B179A959FF6B6CA5927D4F255AB9F90 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys 01:13:30.0703 6096 sfdrv01 - ok 01:13:30.0734 6096 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys 01:13:30.0750 6096 sfhlp02 - ok 01:13:30.0765 6096 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 01:13:30.0765 6096 Sfloppy - ok 01:13:30.0796 6096 [ A62EFE6AA55C6A599DDBB6BD00E8FB9C ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys 01:13:30.0796 6096 sfsync02 - ok 01:13:30.0828 6096 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 01:13:30.0843 6096 SharedAccess - ok 01:13:30.0859 6096 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 01:13:30.0859 6096 ShellHWDetection - ok 01:13:30.0890 6096 [ 09889D435EDC82435B18C7C311FE5721 ] Si3114r5 C:\WINDOWS\system32\DRIVERS\Si3114r5.sys 01:13:30.0890 6096 Si3114r5 - ok 01:13:30.0921 6096 [ 46B92189FE4DB53A09E3A0099AA3084C ] SiFilter C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys 01:13:30.0921 6096 SiFilter - ok 01:13:30.0921 6096 Simbad - ok 01:13:30.0937 6096 [ B688378D258D1ECCE4768CDB55D48D92 ] SiRemFil C:\WINDOWS\system32\DRIVERS\SiRemFil.sys 01:13:30.0937 6096 SiRemFil - ok 01:13:30.0984 6096 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 01:13:31.0000 6096 SkypeUpdate - ok 01:13:31.0031 6096 [ 6352FA01BD438E88250D534A1A6D22FF ] SLEE_17_DRIVER C:\WINDOWS\system32\drivers\Sleen17.sys 01:13:31.0031 6096 SLEE_17_DRIVER - ok 01:13:31.0031 6096 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 01:13:31.0031 6096 SLIP - ok 01:13:31.0156 6096 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Programme\Sony\Sony PC Companion\PCCService.exe 01:13:31.0156 6096 Sony PC Companion - ok 01:13:31.0156 6096 Sparrow - ok 01:13:31.0187 6096 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 01:13:31.0187 6096 splitter - ok 01:13:31.0218 6096 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 01:13:31.0234 6096 Spooler - ok 01:13:31.0265 6096 [ EB2FD937449B7ACEB39372F875EB8E78 ] SQLAgent$SQLEXPRESS c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 01:13:31.0296 6096 SQLAgent$SQLEXPRESS - ok 01:13:31.0375 6096 [ 99DE6ACFA5CA83FAD6A765C81C6F129F ] SQLBrowser c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe 01:13:31.0390 6096 SQLBrowser - ok 01:13:31.0421 6096 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe 01:13:31.0421 6096 SQLWriter - ok 01:13:31.0421 6096 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 01:13:31.0421 6096 sr - ok 01:13:31.0468 6096 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 01:13:31.0468 6096 srservice - ok 01:13:31.0515 6096 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 01:13:31.0515 6096 Srv - ok 01:13:31.0531 6096 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 01:13:31.0546 6096 SSDPSRV - ok 01:13:31.0562 6096 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 01:13:31.0562 6096 stisvc - ok 01:13:31.0609 6096 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 01:13:31.0609 6096 streamip - ok 01:13:31.0625 6096 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 01:13:31.0625 6096 swenum - ok 01:13:31.0656 6096 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 01:13:31.0656 6096 swmidi - ok 01:13:31.0656 6096 SwPrv - ok 01:13:31.0671 6096 Symantec SymSnap VSS Provider - ok 01:13:31.0671 6096 symc810 - ok 01:13:31.0671 6096 symc8xx - ok 01:13:31.0718 6096 [ 5220576EE29BEA7C18DFF9ECABF18BBC ] symlcbrd C:\WINDOWS\system32\drivers\symlcbrd.sys 01:13:31.0718 6096 symlcbrd - ok 01:13:31.0734 6096 [ A5CF31080E99718949BCC38C83F13452 ] symsnap C:\WINDOWS\system32\DRIVERS\symsnap.sys 01:13:31.0734 6096 symsnap - ok 01:13:31.0812 6096 [ 21FF886E6F679FC1EB352F231E846357 ] SymSnapService C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe 01:13:31.0843 6096 SymSnapService - ok 01:13:31.0843 6096 sym_hi - ok 01:13:31.0859 6096 sym_u3 - ok 01:13:31.0875 6096 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 01:13:31.0875 6096 sysaudio - ok 01:13:31.0906 6096 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 01:13:31.0906 6096 SysmonLog - ok 01:13:31.0921 6096 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 01:13:31.0937 6096 TapiSrv - ok 01:13:32.0000 6096 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 01:13:32.0000 6096 Tcpip - ok 01:13:32.0015 6096 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 01:13:32.0015 6096 TDPIPE - ok 01:13:32.0031 6096 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 01:13:32.0031 6096 TDTCP - ok 01:13:32.0031 6096 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 01:13:32.0031 6096 TermDD - ok 01:13:32.0062 6096 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 01:13:32.0078 6096 TermService - ok 01:13:32.0093 6096 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 01:13:32.0093 6096 Themes - ok 01:13:32.0109 6096 TosIde - ok 01:13:32.0125 6096 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 01:13:32.0125 6096 TrkWks - ok 01:13:32.0156 6096 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 01:13:32.0156 6096 Udfs - ok 01:13:32.0156 6096 ultra - ok 01:13:32.0187 6096 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 01:13:32.0203 6096 Update - ok 01:13:32.0218 6096 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 01:13:32.0234 6096 upnphost - ok 01:13:32.0250 6096 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 01:13:32.0250 6096 UPS - ok 01:13:32.0281 6096 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 01:13:32.0281 6096 usbaudio - ok 01:13:32.0296 6096 [ 0C28DD9EC68CCB6E95D49BFD24FD2C11 ] USBCamera C:\WINDOWS\system32\Drivers\Bulk533.sys 01:13:32.0296 6096 USBCamera - ok 01:13:32.0328 6096 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 01:13:32.0328 6096 usbccgp - ok 01:13:32.0343 6096 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 01:13:32.0343 6096 usbehci - ok 01:13:32.0343 6096 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 01:13:32.0343 6096 usbhub - ok 01:13:32.0359 6096 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 01:13:32.0359 6096 usbohci - ok 01:13:32.0390 6096 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 01:13:32.0390 6096 usbprint - ok 01:13:32.0406 6096 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 01:13:32.0406 6096 usbscan - ok 01:13:32.0421 6096 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys 01:13:32.0421 6096 usbser - ok 01:13:32.0421 6096 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 01:13:32.0437 6096 USBSTOR - ok 01:13:32.0437 6096 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 01:13:32.0437 6096 usbuhci - ok 01:13:32.0453 6096 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 01:13:32.0468 6096 VgaSave - ok 01:13:32.0468 6096 ViaIde - ok 01:13:32.0500 6096 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 01:13:32.0500 6096 VolSnap - ok 01:13:32.0531 6096 [ EF3506B04EB9124240B35148EAACBAA5 ] VProEventMonitor C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys 01:13:32.0531 6096 VProEventMonitor - ok 01:13:32.0562 6096 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 01:13:32.0578 6096 VSS - ok 01:13:32.0687 6096 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe 01:13:32.0687 6096 vToolbarUpdater12.2.6 - ok 01:13:32.0718 6096 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 01:13:32.0734 6096 W32Time - ok 01:13:32.0781 6096 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 01:13:32.0781 6096 Wanarp - ok 01:13:32.0843 6096 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 01:13:32.0843 6096 Wdf01000 - ok 01:13:32.0843 6096 WDICA - ok 01:13:32.0875 6096 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 01:13:32.0875 6096 wdmaud - ok 01:13:32.0875 6096 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 01:13:32.0890 6096 WebClient - ok 01:13:32.0921 6096 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\WINDOWS\system32\DRIVERS\wimfltr.sys 01:13:32.0937 6096 WimFltr - ok 01:13:33.0000 6096 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 01:13:33.0015 6096 winmgmt - ok 01:13:33.0078 6096 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 01:13:33.0093 6096 WinRM - ok 01:13:33.0156 6096 [ 671DB6A9B772B807721147C28FAF760F ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys 01:13:33.0156 6096 WmBEnum - ok 01:13:33.0171 6096 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 01:13:33.0171 6096 WmdmPmSN - ok 01:13:33.0203 6096 [ CFFE18DB8140B00335221907A694DD01 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys 01:13:33.0203 6096 WmFilter - ok 01:13:33.0234 6096 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 01:13:33.0234 6096 WmiApSrv - ok 01:13:33.0312 6096 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 01:13:33.0328 6096 WMPNetworkSvc - ok 01:13:33.0359 6096 [ 2E17EA3B132963E3C07D50D68D2DF54E ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys 01:13:33.0359 6096 WmVirHid - ok 01:13:33.0375 6096 [ 0ECE3BB49EB9EE42C411A0F1EC39DDA9 ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys 01:13:33.0375 6096 WmXlCore - ok 01:13:33.0375 6096 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 01:13:33.0375 6096 WpdUsb - ok 01:13:33.0515 6096 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 01:13:33.0531 6096 WPFFontCache_v0400 - ok 01:13:33.0578 6096 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 01:13:33.0593 6096 wscsvc - ok 01:13:33.0593 6096 WSearch - ok 01:13:33.0640 6096 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 01:13:33.0640 6096 WSTCODEC - ok 01:13:33.0671 6096 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 01:13:33.0671 6096 wuauserv - ok 01:13:33.0718 6096 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 01:13:33.0718 6096 WudfPf - ok 01:13:33.0750 6096 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 01:13:33.0750 6096 WudfRd - ok 01:13:33.0765 6096 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 01:13:33.0781 6096 WudfSvc - ok 01:13:33.0812 6096 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 01:13:33.0828 6096 WZCSVC - ok 01:13:33.0843 6096 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 01:13:33.0843 6096 xmlprov - ok 01:13:33.0890 6096 [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys 01:13:33.0890 6096 yukonwxp - ok 01:13:33.0906 6096 ================ Scan global =============================== 01:13:33.0937 6096 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 01:13:33.0953 6096 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 01:13:33.0968 6096 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 01:13:34.0000 6096 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 01:13:34.0000 6096 [Global] - ok 01:13:34.0000 6096 ================ Scan MBR ================================== 01:13:34.0015 6096 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 01:13:34.0171 6096 \Device\Harddisk0\DR0 - ok 01:13:34.0187 6096 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1 01:13:34.0453 6096 \Device\Harddisk1\DR1 - ok 01:13:34.0453 6096 ================ Scan VBR ================================== 01:13:34.0453 6096 [ 43E89A61C3AF49F8D624AA2DE4002AED ] \Device\Harddisk0\DR0\Partition1 01:13:34.0453 6096 \Device\Harddisk0\DR0\Partition1 - ok 01:13:34.0453 6096 [ 889D8DC8733C621E99545E859CABB2A9 ] \Device\Harddisk1\DR1\Partition1 01:13:34.0453 6096 \Device\Harddisk1\DR1\Partition1 - ok 01:13:34.0453 6096 ============================================================ 01:13:34.0453 6096 Scan finished 01:13:34.0453 6096 ============================================================ 01:13:34.0468 4880 Detected object count: 0 01:13:34.0468 4880 Actual detected object count: 0 01:15:08.0437 3480 ============================================================ 01:15:08.0437 3480 Scan started 01:15:08.0437 3480 Mode: Manual; 01:15:08.0437 3480 ============================================================ 01:15:10.0109 3480 ================ Scan system memory ======================== 01:15:10.0125 3480 System memory - ok 01:15:10.0125 3480 ================ Scan services ============================= 01:15:10.0218 3480 Abiosdsk - ok 01:15:10.0218 3480 abp480n5 - ok 01:15:10.0281 3480 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 01:15:10.0281 3480 ACPI - ok 01:15:10.0312 3480 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 01:15:10.0312 3480 ACPIEC - ok 01:15:10.0390 3480 AcrSch2Svc - ok 01:15:10.0453 3480 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 01:15:10.0453 3480 AdobeFlashPlayerUpdateSvc - ok 01:15:10.0453 3480 adpu160m - ok 01:15:10.0500 3480 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 01:15:10.0500 3480 aec - ok 01:15:10.0546 3480 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys 01:15:10.0546 3480 Afc - ok 01:15:10.0593 3480 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 01:15:10.0593 3480 AFD - ok 01:15:10.0593 3480 Aha154x - ok 01:15:10.0609 3480 aic78u2 - ok 01:15:10.0609 3480 aic78xx - ok 01:15:10.0687 3480 [ 4E0ACA5290B2966F24C45250A56C2DA1 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS 01:15:10.0703 3480 ALCXWDM - ok 01:15:10.0734 3480 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 01:15:10.0734 3480 Alerter - ok 01:15:10.0765 3480 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 01:15:10.0765 3480 ALG - ok 01:15:10.0765 3480 AliIde - ok 01:15:10.0843 3480 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys 01:15:10.0843 3480 Ambfilt - ok 01:15:10.0890 3480 [ E6A2299284013EC4DE3419481A62069F ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 01:15:10.0890 3480 AmdK8 - ok 01:15:10.0890 3480 amsint - ok 01:15:10.0906 3480 AppMgmt - ok 01:15:10.0921 3480 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 01:15:10.0921 3480 Arp1394 - ok 01:15:10.0953 3480 [ 875F9079CABEE679D34B49E466B61701 ] ASAPIW2K C:\WINDOWS\system32\Drivers\ASAPIW2K.sys 01:15:10.0953 3480 ASAPIW2K - ok 01:15:10.0953 3480 asc - ok 01:15:10.0968 3480 asc3350p - ok 01:15:10.0968 3480 asc3550 - ok 01:15:11.0000 3480 [ EB62FA6D7DA4E774E47D376E4D19CA5F ] Aspi32 C:\WINDOWS\system32\drivers\aspi32.sys 01:15:11.0015 3480 Aspi32 - ok 01:15:11.0125 3480 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 01:15:11.0125 3480 aspnet_state - ok 01:15:11.0156 3480 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 01:15:11.0156 3480 AsyncMac - ok 01:15:11.0171 3480 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 01:15:11.0171 3480 atapi - ok 01:15:11.0171 3480 Atdisk - ok 01:15:11.0250 3480 [ ECA673779ECD27D674953D692FE070F6 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 01:15:11.0250 3480 Ati HotKey Poller - ok 01:15:11.0296 3480 [ 1428C586BB318E1404575834E428ADDD ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe 01:15:11.0296 3480 ATI Smart - ok 01:15:11.0390 3480 [ 15B2FE76E2ECEB98C49ED52311A6F26F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 01:15:11.0406 3480 ati2mtag - ok 01:15:11.0437 3480 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 01:15:11.0437 3480 Atmarpc - ok 01:15:11.0484 3480 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 01:15:11.0484 3480 AudioSrv - ok 01:15:11.0500 3480 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 01:15:11.0500 3480 audstub - ok 01:15:11.0515 3480 AVFSFilter - ok 01:15:11.0546 3480 [ 6F76908F065C3C151C4BFCA7DFD86979 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys 01:15:11.0546 3480 avgtp - ok 01:15:11.0625 3480 [ 2718DC27571BD1E37813F5759D2DC118 ] AVP C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe 01:15:11.0625 3480 AVP - ok 01:15:11.0656 3480 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 01:15:11.0656 3480 Beep - ok 01:15:11.0687 3480 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 01:15:11.0687 3480 BITS - ok 01:15:11.0718 3480 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 01:15:11.0718 3480 Browser - ok 01:15:11.0718 3480 btaudio - ok 01:15:11.0734 3480 BTDriver - ok 01:15:11.0734 3480 BTKRNL - ok 01:15:11.0734 3480 BTWDNDIS - ok 01:15:11.0750 3480 BTWUSB - ok 01:15:11.0796 3480 [ A8EAE8E358DE3A21E6EB54F4FC7F65EC ] Ca533av C:\WINDOWS\system32\Drivers\Ca533av.sys 01:15:11.0812 3480 Ca533av - ok 01:15:11.0812 3480 catchme - ok 01:15:11.0843 3480 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 01:15:11.0843 3480 cbidf2k - ok 01:15:11.0875 3480 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 01:15:11.0875 3480 CCDECODE - ok 01:15:11.0875 3480 cd20xrnt - ok 01:15:11.0906 3480 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 01:15:11.0906 3480 Cdaudio - ok 01:15:11.0906 3480 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 01:15:11.0906 3480 Cdfs - ok 01:15:11.0937 3480 [ BF79E659C506674C0497CC9C61F1A165 ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys 01:15:11.0937 3480 Cdr4_xp - ok 01:15:11.0968 3480 [ 2C41CD49D82D5FD85C72D57B6CA25471 ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys 01:15:11.0968 3480 Cdralw2k - ok 01:15:11.0968 3480 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 01:15:11.0968 3480 Cdrom - ok 01:15:11.0968 3480 Changer - ok 01:15:12.0015 3480 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 01:15:12.0015 3480 CiSvc - ok 01:15:12.0031 3480 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 01:15:12.0031 3480 ClipSrv - ok 01:15:12.0046 3480 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 01:15:12.0046 3480 clr_optimization_v2.0.50727_32 - ok 01:15:12.0125 3480 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 01:15:12.0125 3480 clr_optimization_v4.0.30319_32 - ok 01:15:12.0125 3480 CmdIde - ok 01:15:12.0125 3480 COMSysApp - ok 01:15:12.0140 3480 Cpqarray - ok 01:15:12.0171 3480 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 01:15:12.0171 3480 CryptSvc - ok 01:15:12.0187 3480 dac2w2k - ok 01:15:12.0187 3480 dac960nt - ok 01:15:12.0234 3480 [ B7EF38C2C22A7805DE919CFF5E16A372 ] dc3d C:\WINDOWS\system32\DRIVERS\dc3d.sys 01:15:12.0234 3480 dc3d - ok 01:15:12.0281 3480 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 01:15:12.0281 3480 DcomLaunch - ok 01:15:12.0296 3480 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 01:15:12.0296 3480 Dhcp - ok 01:15:12.0328 3480 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 01:15:12.0328 3480 Disk - ok 01:15:12.0328 3480 dmadmin - ok 01:15:12.0359 3480 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 01:15:12.0359 3480 dmboot - ok 01:15:12.0390 3480 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 01:15:12.0390 3480 dmio - ok 01:15:12.0406 3480 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 01:15:12.0406 3480 dmload - ok 01:15:12.0437 3480 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 01:15:12.0437 3480 dmserver - ok 01:15:12.0468 3480 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 01:15:12.0468 3480 DMusic - ok 01:15:12.0515 3480 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 01:15:12.0515 3480 Dnscache - ok 01:15:12.0546 3480 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 01:15:12.0546 3480 Dot3svc - ok 01:15:12.0546 3480 dpti2o - ok 01:15:12.0593 3480 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 01:15:12.0593 3480 drmkaud - ok 01:15:12.0625 3480 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 01:15:12.0640 3480 EapHost - ok 01:15:12.0687 3480 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 01:15:12.0687 3480 ERSvc - ok 01:15:12.0734 3480 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 01:15:12.0734 3480 Eventlog - ok 01:15:12.0781 3480 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 01:15:12.0781 3480 EventSystem - ok 01:15:12.0781 3480 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 01:15:12.0796 3480 Fastfat - ok 01:15:12.0828 3480 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 01:15:12.0843 3480 FastUserSwitchingCompatibility - ok 01:15:12.0859 3480 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 01:15:12.0859 3480 Fdc - ok 01:15:12.0906 3480 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 01:15:12.0906 3480 Fips - ok 01:15:12.0921 3480 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 01:15:12.0921 3480 Flpydisk - ok 01:15:12.0968 3480 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 01:15:12.0968 3480 FltMgr - ok 01:15:13.0078 3480 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 01:15:13.0078 3480 FontCache3.0.0.0 - ok 01:15:13.0093 3480 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 01:15:13.0093 3480 Fs_Rec - ok 01:15:13.0093 3480 FTD2XX - ok 01:15:13.0109 3480 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 01:15:13.0109 3480 Ftdisk - ok 01:15:13.0140 3480 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 01:15:13.0140 3480 GEARAspiWDM - ok 01:15:13.0171 3480 [ 69F8F310654D699C7E5BD5C67279980F ] GenericMount C:\WINDOWS\system32\DRIVERS\GenericMount.sys 01:15:13.0171 3480 GenericMount - ok 01:15:13.0296 3480 [ 5F0F786D91087C0A76C3EF689A51CA48 ] GenericMount Helper Service C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe 01:15:13.0296 3480 GenericMount Helper Service - ok 01:15:13.0328 3480 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\WINDOWS\system32\DRIVERS\ggflt.sys 01:15:13.0328 3480 ggflt - ok 01:15:13.0359 3480 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\WINDOWS\system32\DRIVERS\ggsemc.sys 01:15:13.0359 3480 ggsemc - ok 01:15:13.0359 3480 GMSIPCI - ok 01:15:13.0390 3480 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 01:15:13.0390 3480 Gpc - ok 01:15:13.0421 3480 [ 4A2102DDF08472527B4872FA68EE87D1 ] GT680x C:\WINDOWS\system32\Drivers\gt680x.sys 01:15:13.0421 3480 GT680x - ok 01:15:13.0546 3480 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 01:15:13.0546 3480 gupdate - ok 01:15:13.0546 3480 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 01:15:13.0546 3480 gupdatem - ok 01:15:13.0593 3480 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 01:15:13.0593 3480 gusvc - ok 01:15:13.0656 3480 [ ED32D389F8B0E74E400932E020BCFBDF ] Hardlock C:\WINDOWS\system32\drivers\hardlock.sys 01:15:13.0656 3480 Hardlock - ok 01:15:13.0703 3480 [ 2DD25F060DC9F79B5CDF33D90ED93669 ] Haspnt C:\WINDOWS\system32\drivers\Haspnt.sys 01:15:13.0703 3480 Haspnt - ok 01:15:13.0718 3480 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 01:15:13.0718 3480 HDAudBus - ok 01:15:13.0812 3480 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 01:15:13.0812 3480 helpsvc - ok 01:15:13.0843 3480 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 01:15:13.0843 3480 HidServ - ok 01:15:13.0859 3480 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 01:15:13.0859 3480 hidusb - ok 01:15:13.0906 3480 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 01:15:13.0906 3480 hkmsvc - ok 01:15:13.0906 3480 hpn - ok 01:15:13.0968 3480 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 01:15:13.0968 3480 HTTP - ok 01:15:13.0984 3480 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 01:15:14.0000 3480 HTTPFilter - ok 01:15:14.0000 3480 i2omgmt - ok 01:15:14.0000 3480 i2omp - ok 01:15:14.0015 3480 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 01:15:14.0015 3480 i8042prt - ok 01:15:14.0093 3480 [ 696A461DD24EA039E0521877CB944BE3 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 01:15:14.0093 3480 ialm - ok 01:15:14.0203 3480 [ 6F95324909B502E2651442C1548AB12F ] IDriverT c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe 01:15:14.0203 3480 IDriverT - ok 01:15:14.0265 3480 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 01:15:14.0281 3480 idsvc - ok 01:15:14.0296 3480 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 01:15:14.0296 3480 Imapi - ok 01:15:14.0343 3480 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 01:15:14.0343 3480 ImapiService - ok 01:15:14.0343 3480 ini910u - ok 01:15:14.0531 3480 [ 9D04EE981B9F2AD4AFEDD5CF376F3148 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 01:15:14.0562 3480 IntcAzAudAddService - ok 01:15:14.0562 3480 IntelIde - ok 01:15:14.0593 3480 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 01:15:14.0609 3480 intelppm - ok 01:15:14.0625 3480 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 01:15:14.0625 3480 Ip6Fw - ok 01:15:14.0656 3480 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 01:15:14.0656 3480 IpFilterDriver - ok 01:15:14.0656 3480 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 01:15:14.0656 3480 IpInIp - ok 01:15:14.0703 3480 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 01:15:14.0703 3480 IpNat - ok 01:15:14.0734 3480 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 01:15:14.0734 3480 IPSec - ok 01:15:14.0781 3480 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 01:15:14.0781 3480 irda - ok 01:15:14.0796 3480 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 01:15:14.0796 3480 IRENUM - ok 01:15:14.0828 3480 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll 01:15:14.0843 3480 Irmon - ok 01:15:14.0859 3480 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 01:15:14.0859 3480 isapnp - ok 01:15:14.0984 3480 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe 01:15:14.0984 3480 JavaQuickStarterService - ok 01:15:15.0015 3480 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 01:15:15.0015 3480 Kbdclass - ok 01:15:15.0031 3480 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 01:15:15.0031 3480 kbdhid - ok 01:15:15.0046 3480 [ 186B54479D98E48AEE0E9ADA4B3C4D31 ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys 01:15:15.0046 3480 KL1 - ok 01:15:15.0078 3480 [ BF485BFBA13C0AB116701FD9C55324D0 ] kl2 C:\WINDOWS\system32\DRIVERS\kl2.sys 01:15:15.0078 3480 kl2 - ok 01:15:15.0125 3480 [ 5D92A03045A6A98708975B3D77B39A36 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys 01:15:15.0125 3480 KLIF - ok 01:15:15.0156 3480 [ 96A7EC308A93DA26DFE481308BAAC2A2 ] klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys 01:15:15.0171 3480 klim5 - ok 01:15:15.0171 3480 [ 3959530F69E19DA56F1F24F2C89F1E2C ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys 01:15:15.0171 3480 klmouflt - ok 01:15:15.0203 3480 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 01:15:15.0203 3480 kmixer - ok 01:15:15.0203 3480 KodakCCS - ok 01:15:15.0234 3480 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 01:15:15.0234 3480 KSecDD - ok 01:15:15.0250 3480 [ 0A2E5A1963708AEE3BEE39D17726D736 ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys 01:15:15.0250 3480 L1c - ok 01:15:15.0281 3480 [ FD1D572C705BD70953621DA8334F5A5C ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys 01:15:15.0281 3480 L8042mou - ok 01:15:15.0312 3480 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 01:15:15.0328 3480 lanmanserver - ok 01:15:15.0375 3480 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 01:15:15.0375 3480 lanmanworkstation - ok 01:15:15.0375 3480 lbrtfdc - ok 01:15:15.0406 3480 [ 6F6FED015CD3D33A048F9FC40F42E076 ] LHidKe C:\WINDOWS\system32\DRIVERS\LHidKE.Sys 01:15:15.0406 3480 LHidKe - ok 01:15:15.0421 3480 [ C9FEEB4604C303CBD68E0A6780B5F50C ] LHidUsbK C:\WINDOWS\system32\Drivers\LHidUsbK.Sys 01:15:15.0421 3480 LHidUsbK - ok 01:15:15.0531 3480 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 01:15:15.0546 3480 LiveUpdate - ok 01:15:15.0562 3480 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 01:15:15.0562 3480 LmHosts - ok 01:15:15.0578 3480 [ E424EB5F4FCF486490A17BEA3DFC64A9 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys 01:15:15.0578 3480 LMouKE - ok 01:15:15.0578 3480 lxbx_device - ok 01:15:15.0609 3480 [ D57A920490362C89A0EF2A61FE249AFA ] MA-620 C:\WINDOWS\system32\DRIVERS\MA-620.sys 01:15:15.0609 3480 MA-620 - ok 01:15:15.0640 3480 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 01:15:15.0640 3480 Messenger - ok 01:15:15.0687 3480 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 01:15:15.0687 3480 mnmdd - ok 01:15:15.0750 3480 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 01:15:15.0750 3480 mnmsrvc - ok 01:15:15.0781 3480 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 01:15:15.0796 3480 Modem - ok 01:15:15.0859 3480 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys 01:15:15.0859 3480 Monfilt - ok 01:15:15.0906 3480 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 01:15:15.0906 3480 Mouclass - ok 01:15:15.0906 3480 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 01:15:15.0906 3480 mouhid - ok 01:15:15.0937 3480 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 01:15:15.0937 3480 MountMgr - ok 01:15:15.0984 3480 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 01:15:15.0984 3480 MozillaMaintenance - ok 01:15:15.0984 3480 mraid35x - ok 01:15:16.0015 3480 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 01:15:16.0015 3480 MRxDAV - ok 01:15:16.0078 3480 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 01:15:16.0078 3480 MRxSmb - ok 01:15:16.0109 3480 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 01:15:16.0125 3480 MSDTC - ok 01:15:16.0140 3480 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 01:15:16.0140 3480 Msfs - ok 01:15:16.0171 3480 [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys 01:15:16.0171 3480 MSIRCOMM - ok 01:15:16.0171 3480 MSIServer - ok 01:15:16.0171 3480 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 01:15:16.0171 3480 MSKSSRV - ok 01:15:16.0218 3480 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 01:15:16.0218 3480 MSPCLOCK - ok 01:15:16.0218 3480 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 01:15:16.0218 3480 MSPQM - ok 01:15:16.0250 3480 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 01:15:16.0250 3480 mssmbios - ok 01:15:16.0312 3480 MSSQL$SQLEXPRESS - ok 01:15:16.0390 3480 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Programme\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 01:15:16.0406 3480 MSSQLServerADHelper100 - ok 01:15:16.0406 3480 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 01:15:16.0421 3480 MSTEE - ok 01:15:16.0421 3480 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 01:15:16.0421 3480 Mup - ok 01:15:16.0468 3480 [ FC3EB08186946EB22370DE70F778DF08 ] MVDCODEC C:\WINDOWS\system32\DRIVERS\ativmdcd.sys 01:15:16.0468 3480 MVDCODEC - ok 01:15:16.0500 3480 [ E91FC8B52D21E38317DC61A3C7CCFA4B ] MxlW2k C:\WINDOWS\system32\drivers\MxlW2k.sys 01:15:16.0500 3480 MxlW2k - ok 01:15:16.0515 3480 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 01:15:16.0515 3480 NABTSFEC - ok 01:15:16.0546 3480 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 01:15:16.0546 3480 napagent - ok 01:15:16.0546 3480 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 01:15:16.0562 3480 NDIS - ok 01:15:16.0578 3480 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 01:15:16.0578 3480 NdisIP - ok 01:15:16.0625 3480 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 01:15:16.0625 3480 NdisTapi - ok 01:15:16.0640 3480 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 01:15:16.0640 3480 Ndisuio - ok 01:15:16.0656 3480 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 01:15:16.0656 3480 NdisWan - ok 01:15:16.0687 3480 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 01:15:16.0687 3480 NDProxy - ok 01:15:16.0703 3480 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 01:15:16.0703 3480 NetBIOS - ok 01:15:16.0734 3480 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 01:15:16.0734 3480 NetBT - ok 01:15:16.0765 3480 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 01:15:16.0765 3480 NetDDE - ok 01:15:16.0765 3480 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 01:15:16.0781 3480 NetDDEdsdm - ok 01:15:16.0796 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 01:15:16.0796 3480 Netlogon - ok 01:15:16.0843 3480 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 01:15:16.0843 3480 Netman - ok 01:15:16.0921 3480 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 01:15:16.0921 3480 NetTcpPortSharing - ok 01:15:16.0953 3480 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 01:15:16.0953 3480 NIC1394 - ok 01:15:17.0000 3480 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 01:15:17.0000 3480 Nla - ok 01:15:18.0187 3480 [ A1787754952A0B700E386DC7C5FA5726 ] Norton Ghost C:\Programme\Norton Ghost\Agent\VProSvc.exe 01:15:18.0218 3480 Norton Ghost - ok 01:15:18.0250 3480 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 01:15:18.0250 3480 Npfs - ok 01:15:18.0578 3480 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 01:15:18.0593 3480 Ntfs - ok 01:15:18.0625 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 01:15:18.0625 3480 NtLmSsp - ok 01:15:18.0937 3480 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 01:15:18.0937 3480 NtmsSvc - ok 01:15:18.0968 3480 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 01:15:18.0968 3480 Null - ok 01:15:19.0078 3480 [ E4F1F95A6BBBFBBFF9A713C6063AA2CB ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys 01:15:19.0078 3480 nvatabus - ok 01:15:19.0171 3480 [ 812F45DA883BDB87C5960B25295A7E9C ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 01:15:19.0171 3480 NVENETFD - ok 01:15:19.0203 3480 [ 507B332B431392ED37C23B7CFB66DCF7 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 01:15:19.0203 3480 nvnetbus - ok 01:15:19.0281 3480 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 01:15:19.0281 3480 NwlnkFlt - ok 01:15:19.0328 3480 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 01:15:19.0343 3480 NwlnkFwd - ok 01:15:19.0609 3480 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE 01:15:19.0609 3480 odserv - ok 01:15:19.0656 3480 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 01:15:19.0656 3480 ohci1394 - ok 01:15:19.0718 3480 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 01:15:19.0718 3480 ose - ok 01:15:19.0781 3480 [ 4A410C7AEA51123519C20D43A20BCE96 ] PAC207 C:\WINDOWS\system32\DRIVERS\PFC027.SYS 01:15:19.0781 3480 PAC207 - ok 01:15:19.0796 3480 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 01:15:19.0796 3480 Parport - ok 01:15:19.0812 3480 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 01:15:19.0812 3480 PartMgr - ok 01:15:19.0859 3480 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 01:15:19.0859 3480 ParVdm - ok 01:15:19.0921 3480 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 01:15:19.0921 3480 PCI - ok 01:15:19.0921 3480 PCIDump - ok 01:15:19.0953 3480 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 01:15:19.0953 3480 PCIIde - ok 01:15:19.0984 3480 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINDOWS\system32\drivers\pclepci.sys 01:15:20.0000 3480 PCLEPCI - ok 01:15:20.0000 3480 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 01:15:20.0000 3480 Pcmcia - ok 01:15:20.0000 3480 PDCOMP - ok 01:15:20.0015 3480 PDFRAME - ok 01:15:20.0015 3480 PDRELI - ok 01:15:20.0015 3480 PDRFRAME - ok 01:15:20.0031 3480 perc2 - ok 01:15:20.0031 3480 perc2hib - ok 01:15:20.0062 3480 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 01:15:20.0062 3480 PlugPlay - ok 01:15:20.0093 3480 [ 3ABDF04C0137F45568D5E960E7D5D73A ] PMUSB2G C:\WINDOWS\system32\Drivers\PMUSB.sys 01:15:20.0093 3480 PMUSB2G - ok 01:15:20.0093 3480 [ A1D7A9214B71EBBB6F31CB84AAC15525 ] Pnp680r C:\WINDOWS\system32\DRIVERS\pnp680r.sys 01:15:20.0093 3480 Pnp680r - ok 01:15:20.0125 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 01:15:20.0125 3480 PolicyAgent - ok 01:15:20.0171 3480 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 01:15:20.0171 3480 PptpMiniport - ok 01:15:20.0187 3480 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 01:15:20.0187 3480 Processor - ok 01:15:20.0187 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 01:15:20.0187 3480 ProtectedStorage - ok 01:15:20.0203 3480 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 01:15:20.0203 3480 PSched - ok 01:15:20.0218 3480 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 01:15:20.0218 3480 Ptilink - ok 01:15:20.0250 3480 [ 681AE4F1927FE0FDEEE2863F1684088D ] pwdrvio C:\WINDOWS\system32\pwdrvio.sys 01:15:20.0250 3480 pwdrvio - ok 01:15:20.0296 3480 [ BC60895CE021309EBD887D2F22055654 ] pwdspio C:\WINDOWS\system32\pwdspio.sys 01:15:20.0296 3480 pwdspio - ok 01:15:20.0343 3480 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 01:15:20.0343 3480 PxHelp20 - ok 01:15:20.0343 3480 ql1080 - ok 01:15:20.0359 3480 Ql10wnt - ok 01:15:20.0359 3480 ql12160 - ok 01:15:20.0359 3480 ql1240 - ok 01:15:20.0359 3480 ql1280 - ok 01:15:20.0406 3480 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 01:15:20.0421 3480 RasAcd - ok 01:15:20.0437 3480 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 01:15:20.0437 3480 RasAuto - ok 01:15:20.0484 3480 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 01:15:20.0484 3480 Rasirda - ok 01:15:20.0484 3480 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 01:15:20.0484 3480 Rasl2tp - ok 01:15:20.0531 3480 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 01:15:20.0531 3480 RasMan - ok 01:15:20.0546 3480 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 01:15:20.0546 3480 RasPppoe - ok 01:15:20.0546 3480 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 01:15:20.0546 3480 Raspti - ok 01:15:20.0578 3480 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 01:15:20.0578 3480 Rdbss - ok 01:15:20.0593 3480 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 01:15:20.0593 3480 RDPCDD - ok 01:15:20.0640 3480 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 01:15:20.0640 3480 RDPWD - ok 01:15:20.0671 3480 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 01:15:20.0671 3480 RDSessMgr - ok 01:15:20.0718 3480 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 01:15:20.0718 3480 redbook - ok 01:15:20.0750 3480 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 01:15:20.0750 3480 RemoteAccess - ok 01:15:20.0765 3480 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 01:15:20.0765 3480 RpcLocator - ok 01:15:20.0796 3480 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\System32\rpcss.dll 01:15:20.0812 3480 RpcSs - ok 01:15:20.0859 3480 [ FEDD2710B75BE3ECF078ADACE790C423 ] RsFx0102 C:\WINDOWS\system32\DRIVERS\RsFx0102.sys 01:15:20.0859 3480 RsFx0102 - ok 01:15:20.0890 3480 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 01:15:20.0890 3480 RSVP - ok 01:15:20.0921 3480 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\WINDOWS\system32\DRIVERS\s0016bus.sys 01:15:20.0921 3480 s0016bus - ok 01:15:20.0968 3480 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys 01:15:20.0968 3480 s0016mdfl - ok 01:15:21.0000 3480 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\WINDOWS\system32\DRIVERS\s0016mdm.sys 01:15:21.0000 3480 s0016mdm - ok 01:15:21.0031 3480 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys 01:15:21.0031 3480 s0016mgmt - ok 01:15:21.0062 3480 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\WINDOWS\system32\DRIVERS\s0016nd5.sys 01:15:21.0062 3480 s0016nd5 - ok 01:15:21.0093 3480 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\WINDOWS\system32\DRIVERS\s0016obex.sys 01:15:21.0109 3480 s0016obex - ok 01:15:21.0140 3480 [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic C:\WINDOWS\system32\DRIVERS\s0016unic.sys 01:15:21.0140 3480 s0016unic - ok 01:15:21.0171 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 01:15:21.0171 3480 SamSs - ok 01:15:21.0203 3480 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 01:15:21.0203 3480 SCardSvr - ok 01:15:21.0234 3480 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 01:15:21.0250 3480 Schedule - ok 01:15:21.0375 3480 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe 01:15:21.0375 3480 SearchAnonymizer - ok 01:15:21.0421 3480 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 01:15:21.0421 3480 Secdrv - ok 01:15:21.0453 3480 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 01:15:21.0453 3480 seclogon - ok 01:15:21.0500 3480 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 01:15:21.0500 3480 SENS - ok 01:15:21.0531 3480 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 01:15:21.0531 3480 serenum - ok 01:15:21.0531 3480 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 01:15:21.0546 3480 Serial - ok 01:15:21.0625 3480 [ 0B179A959FF6B6CA5927D4F255AB9F90 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys 01:15:21.0625 3480 sfdrv01 - ok 01:15:21.0656 3480 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys 01:15:21.0656 3480 sfhlp02 - ok 01:15:21.0671 3480 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 01:15:21.0671 3480 Sfloppy - ok 01:15:21.0703 3480 [ A62EFE6AA55C6A599DDBB6BD00E8FB9C ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys 01:15:21.0703 3480 sfsync02 - ok 01:15:21.0718 3480 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 01:15:21.0718 3480 SharedAccess - ok 01:15:21.0750 3480 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 01:15:21.0750 3480 ShellHWDetection - ok 01:15:21.0781 3480 [ 09889D435EDC82435B18C7C311FE5721 ] Si3114r5 C:\WINDOWS\system32\DRIVERS\Si3114r5.sys 01:15:21.0781 3480 Si3114r5 - ok 01:15:21.0812 3480 [ 46B92189FE4DB53A09E3A0099AA3084C ] SiFilter C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys 01:15:21.0812 3480 SiFilter - ok 01:15:21.0812 3480 Simbad - ok 01:15:21.0828 3480 [ B688378D258D1ECCE4768CDB55D48D92 ] SiRemFil C:\WINDOWS\system32\DRIVERS\SiRemFil.sys 01:15:21.0828 3480 SiRemFil - ok 01:15:21.0859 3480 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 01:15:21.0859 3480 SkypeUpdate - ok 01:15:21.0906 3480 [ 6352FA01BD438E88250D534A1A6D22FF ] SLEE_17_DRIVER C:\WINDOWS\system32\drivers\Sleen17.sys 01:15:21.0906 3480 SLEE_17_DRIVER - ok 01:15:21.0906 3480 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 01:15:21.0906 3480 SLIP - ok 01:15:21.0984 3480 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Programme\Sony\Sony PC Companion\PCCService.exe 01:15:22.0000 3480 Sony PC Companion - ok 01:15:22.0000 3480 Sparrow - ok 01:15:22.0031 3480 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 01:15:22.0031 3480 splitter - ok 01:15:22.0062 3480 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 01:15:22.0062 3480 Spooler - ok 01:15:22.0109 3480 [ EB2FD937449B7ACEB39372F875EB8E78 ] SQLAgent$SQLEXPRESS c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 01:15:22.0109 3480 SQLAgent$SQLEXPRESS - ok 01:15:22.0187 3480 [ 99DE6ACFA5CA83FAD6A765C81C6F129F ] SQLBrowser c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe 01:15:22.0203 3480 SQLBrowser - ok 01:15:22.0234 3480 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe 01:15:22.0234 3480 SQLWriter - ok 01:15:22.0234 3480 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 01:15:22.0234 3480 sr - ok 01:15:22.0265 3480 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 01:15:22.0265 3480 srservice - ok 01:15:22.0312 3480 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 01:15:22.0312 3480 Srv - ok 01:15:22.0343 3480 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 01:15:22.0343 3480 SSDPSRV - ok 01:15:22.0359 3480 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 01:15:22.0359 3480 stisvc - ok 01:15:22.0406 3480 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 01:15:22.0406 3480 streamip - ok 01:15:22.0421 3480 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 01:15:22.0421 3480 swenum - ok 01:15:22.0453 3480 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 01:15:22.0453 3480 swmidi - ok 01:15:22.0453 3480 SwPrv - ok 01:15:22.0468 3480 Symantec SymSnap VSS Provider - ok 01:15:22.0468 3480 symc810 - ok 01:15:22.0468 3480 symc8xx - ok 01:15:22.0515 3480 [ 5220576EE29BEA7C18DFF9ECABF18BBC ] symlcbrd C:\WINDOWS\system32\drivers\symlcbrd.sys 01:15:22.0515 3480 symlcbrd - ok 01:15:22.0531 3480 [ A5CF31080E99718949BCC38C83F13452 ] symsnap C:\WINDOWS\system32\DRIVERS\symsnap.sys 01:15:22.0531 3480 symsnap - ok 01:15:22.0609 3480 [ 21FF886E6F679FC1EB352F231E846357 ] SymSnapService C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe 01:15:22.0625 3480 SymSnapService - ok 01:15:22.0625 3480 sym_hi - ok 01:15:22.0640 3480 sym_u3 - ok 01:15:22.0656 3480 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 01:15:22.0656 3480 sysaudio - ok 01:15:22.0687 3480 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 01:15:22.0687 3480 SysmonLog - ok 01:15:22.0718 3480 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 01:15:22.0718 3480 TapiSrv - ok 01:15:22.0765 3480 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 01:15:22.0765 3480 Tcpip - ok 01:15:22.0781 3480 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 01:15:22.0781 3480 TDPIPE - ok 01:15:22.0781 3480 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 01:15:22.0781 3480 TDTCP - ok 01:15:22.0796 3480 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 01:15:22.0796 3480 TermDD - ok 01:15:22.0812 3480 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 01:15:22.0828 3480 TermService - ok 01:15:22.0843 3480 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 01:15:22.0843 3480 Themes - ok 01:15:22.0859 3480 TosIde - ok 01:15:22.0875 3480 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 01:15:22.0875 3480 TrkWks - ok 01:15:22.0906 3480 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 01:15:22.0906 3480 Udfs - ok 01:15:22.0906 3480 ultra - ok 01:15:22.0937 3480 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 01:15:22.0937 3480 Update - ok 01:15:22.0968 3480 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 01:15:22.0984 3480 upnphost - ok 01:15:23.0000 3480 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 01:15:23.0000 3480 UPS - ok 01:15:23.0031 3480 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 01:15:23.0031 3480 usbaudio - ok 01:15:23.0046 3480 [ 0C28DD9EC68CCB6E95D49BFD24FD2C11 ] USBCamera C:\WINDOWS\system32\Drivers\Bulk533.sys 01:15:23.0046 3480 USBCamera - ok 01:15:23.0078 3480 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 01:15:23.0078 3480 usbccgp - ok 01:15:23.0078 3480 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 01:15:23.0078 3480 usbehci - ok 01:15:23.0093 3480 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 01:15:23.0093 3480 usbhub - ok 01:15:23.0109 3480 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 01:15:23.0109 3480 usbohci - ok 01:15:23.0125 3480 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 01:15:23.0125 3480 usbprint - ok 01:15:23.0140 3480 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 01:15:23.0140 3480 usbscan - ok 01:15:23.0156 3480 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys 01:15:23.0156 3480 usbser - ok 01:15:23.0171 3480 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 01:15:23.0171 3480 USBSTOR - ok 01:15:23.0187 3480 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 01:15:23.0187 3480 usbuhci - ok 01:15:23.0203 3480 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 01:15:23.0203 3480 VgaSave - ok 01:15:23.0203 3480 ViaIde - ok 01:15:23.0250 3480 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 01:15:23.0250 3480 VolSnap - ok 01:15:23.0296 3480 [ EF3506B04EB9124240B35148EAACBAA5 ] VProEventMonitor C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys 01:15:23.0296 3480 VProEventMonitor - ok 01:15:23.0312 3480 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 01:15:23.0328 3480 VSS - ok 01:15:23.0437 3480 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe 01:15:23.0437 3480 vToolbarUpdater12.2.6 - ok 01:15:23.0468 3480 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 01:15:23.0468 3480 W32Time - ok 01:15:23.0546 3480 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 01:15:23.0546 3480 Wanarp - ok 01:15:23.0640 3480 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 01:15:23.0640 3480 Wdf01000 - ok 01:15:23.0640 3480 WDICA - ok 01:15:23.0671 3480 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 01:15:23.0671 3480 wdmaud - ok 01:15:23.0671 3480 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 01:15:23.0687 3480 WebClient - ok 01:15:23.0734 3480 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\WINDOWS\system32\DRIVERS\wimfltr.sys 01:15:23.0734 3480 WimFltr - ok 01:15:23.0796 3480 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 01:15:23.0796 3480 winmgmt - ok 01:15:23.0859 3480 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 01:15:23.0859 3480 WinRM - ok 01:15:23.0921 3480 [ 671DB6A9B772B807721147C28FAF760F ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys 01:15:23.0921 3480 WmBEnum - ok 01:15:23.0937 3480 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 01:15:23.0937 3480 WmdmPmSN - ok 01:15:23.0968 3480 [ CFFE18DB8140B00335221907A694DD01 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys 01:15:23.0968 3480 WmFilter - ok 01:15:24.0000 3480 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 01:15:24.0000 3480 WmiApSrv - ok 01:15:24.0078 3480 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 01:15:24.0078 3480 WMPNetworkSvc - ok 01:15:24.0109 3480 [ 2E17EA3B132963E3C07D50D68D2DF54E ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys 01:15:24.0109 3480 WmVirHid - ok 01:15:24.0125 3480 [ 0ECE3BB49EB9EE42C411A0F1EC39DDA9 ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys 01:15:24.0125 3480 WmXlCore - ok 01:15:24.0140 3480 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 01:15:24.0140 3480 WpdUsb - ok 01:15:24.0250 3480 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 01:15:24.0250 3480 WPFFontCache_v0400 - ok 01:15:24.0312 3480 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 01:15:24.0312 3480 wscsvc - ok 01:15:24.0312 3480 WSearch - ok 01:15:24.0343 3480 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 01:15:24.0359 3480 WSTCODEC - ok 01:15:24.0390 3480 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 01:15:24.0390 3480 wuauserv - ok 01:15:24.0437 3480 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 01:15:24.0437 3480 WudfPf - ok 01:15:24.0468 3480 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 01:15:24.0468 3480 WudfRd - ok 01:15:24.0484 3480 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 01:15:24.0484 3480 WudfSvc - ok 01:15:24.0515 3480 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 01:15:24.0531 3480 WZCSVC - ok 01:15:24.0546 3480 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 01:15:24.0562 3480 xmlprov - ok 01:15:24.0593 3480 [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys 01:15:24.0593 3480 yukonwxp - ok 01:15:24.0609 3480 ================ Scan global =============================== 01:15:24.0671 3480 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 01:15:24.0687 3480 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 01:15:24.0703 3480 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 01:15:24.0718 3480 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 01:15:24.0718 3480 [Global] - ok 01:15:24.0718 3480 ================ Scan MBR ================================== 01:15:24.0750 3480 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 01:15:24.0921 3480 \Device\Harddisk0\DR0 - ok 01:15:24.0921 3480 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1 01:15:25.0171 3480 \Device\Harddisk1\DR1 - ok 01:15:25.0171 3480 ================ Scan VBR ================================== 01:15:25.0187 3480 [ 43E89A61C3AF49F8D624AA2DE4002AED ] \Device\Harddisk0\DR0\Partition1 01:15:25.0203 3480 \Device\Harddisk0\DR0\Partition1 - ok 01:15:25.0203 3480 [ 889D8DC8733C621E99545E859CABB2A9 ] \Device\Harddisk1\DR1\Partition1 01:15:25.0203 3480 \Device\Harddisk1\DR1\Partition1 - ok 01:15:25.0203 3480 ============================================================ 01:15:25.0203 3480 Scan finished 01:15:25.0203 3480 ============================================================ 01:15:25.0218 3772 Detected object count: 0 01:15:25.0218 3772 Actual detected object count: 0 |
13.10.2012, 01:53 | #8 |
| Wieder CahtZum Hoffe, daß soweit alles paßt. LG Tina |
13.10.2012, 10:18 | #9 |
/// TB-Ausbilder | Wieder CahtZum Servus, Auf deinem Rechner tummelt sich ziemlich viel Müll... wird Zeit, dass wir dagegen vorgehen. Schritt 1
Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3 Starte bitte OTL.exe. Wähle unter Extra Registrierung: Benutze Safe List und klicke auf den Scan Button. Poste die OTL.txt und die Extras.txt hier in deinen Thread. Bitte poste mit deiner nächsten Antwort
|
13.10.2012, 12:39 | #10 |
| Wieder CahtZum Hallo Matthias, Müll??? Weiß gar nicht, was Du meinst*gg* ich habe nun fast alles von Schritt 1 entfernt. Ein Problem gibt es jedoch, wenn ich Yontoo Desinstallieren will kommt folgende Meldung: Setup initalization error. Habe ich Schritt 2 richtig verstanden? Adwcleaner mit Doppelklick starten und dann löschen? Einen Erfolg gibt es schon, ein Programm kann ich wieder öffnen!!!!! Wenn ich aber bei Firefox einen neuen Reiter aufmache, kommt immer noch Babylon Search. Tina Geändert von Tina666 (13.10.2012 um 12:59 Uhr) |
13.10.2012, 16:07 | #11 |
/// TB-Ausbilder | Wieder CahtZum Servus, Downloade Dir bitte den Revo Uninstaller
Starte den Rechner abschließend neu auf. Führe anschließend AdwCleaner und OTL wie beschrieben aus und poste die drei Logdateien (1 von AdwCleaner, 2 von OTL). |
14.10.2012, 00:32 | #12 |
| Wieder CahtZum Danke, werde es aber wahrscheinlich erst morgen machen. Tina Also doch noch heute Nacht... Yantoo ist weg, super, danke. Hier adwCleaner: # AdwCleaner v2.004 - Datei am 14/10/2012 um 01:58:07 erstellt # Aktualisiert am 06/10/2012 von Xplode # Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits) # Benutzer : Hartmann - MOTIONSIGN # Bootmodus : Normal # Ausgeführt unter : C:\Bereinigung\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Programme\Mozilla FireFox\Components\AskSearch.js Datei Gelöscht : C:\Programme\Mozilla Firefox\searchplugins\avg-secure-search.xml Datei Gelöscht : C:\Programme\Mozilla Firefox\searchplugins\babylon.xml Datei Gelöscht : C:\Programme\Mozilla FireFox\searchplugins\Search_Results.xml Datei Gelöscht : C:\Programme\Mozilla Firefox\searchplugins\SearchResults.xml Datei Gelöscht : c:\temp\searchqutoolbar-manifest.xml Datei Gelöscht : c:\temp\Uninstall.exe Datei Gelöscht : C:\user.js Datei Gelöscht : C:\WINDOWS\system32\conduitEngine.tmp Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer Ordner Gelöscht : C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Babylon Ordner Gelöscht : C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\PriceGong Ordner Gelöscht : C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\searchquband Ordner Gelöscht : C:\Programme\Ask.com Ordner Gelöscht : C:\Programme\ChatZum Toolbar Ordner Gelöscht : C:\Programme\Conduit Ordner Gelöscht : C:\Programme\PriceGong Ordner Gelöscht : C:\Programme\Search Settings Ordner Gelöscht : C:\Programme\Windows Searchqu Toolbar Ordner Gelöscht : C:\Programme\Yontoo Ordner Gelöscht : c:\temp\BabylonToolbar Ordner Gelöscht : c:\temp\Iminent ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKCU\Software\Babylon Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\ConduitSearchScopes Schlüssel Gelöscht : HKCU\Software\DataMngr Schlüssel Gelöscht : HKCU\Software\Iminent Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6A87B991-A31F-4130-AE72-6D0C294BF082} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E908B145-C847-4E85-B315-07E2E70DECF8} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A87B991-A31F-4130-AE72-6D0C294BF082} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E908B145-C847-4E85-B315-07E2E70DECF8} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Schlüssel Gelöscht : HKCU\Software\PriceGong Schlüssel Gelöscht : HKCU\Software\SmartBar Schlüssel Gelöscht : HKLM\Software\APN Schlüssel Gelöscht : HKLM\Software\AskBarDis Schlüssel Gelöscht : HKLM\Software\AskToolbar Schlüssel Gelöscht : HKLM\Software\Babylon Schlüssel Gelöscht : HKLM\Software\ChatZum Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3196716 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gelöscht : HKLM\Software\Conduit Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Schlüssel Gelöscht : HKLM\Software\Iminent Schlüssel Gelöscht : HKLM\Software\ImInstaller Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9-4AD6-A73A-064175988EAB} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ChatZum Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong Schlüssel Gelöscht : HKLM\SOFTWARE\Software Schlüssel Gelöscht : HKLM\Software\Tarma Installer Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{8a9386b4-e958-4c4c-adf4-8f26db3e4829}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}] ***** [Internet Browser] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Die Registrierungsdatenbank ist sauber. ************************* AdwCleaner[S1].txt - [18811 octets] - [14/10/2012 01:58:07] ########## EOF - C:\AdwCleaner[S1].txt - [18872 octets] ########## |
14.10.2012, 22:18 | #14 |
| Wieder CahtZum Hallo, ich habs nicht vergessen, aber beim Scannen gestern hat sich der Rechner aufgehängt. Dann hatte ich keine Nerven mehr dazu....OTL Logfile: Code:
ATTFilter OTL logfile created on: 14.10.2012 23:05:34 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Bereinigung Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,13% Memory free 6,84 Gb Paging File | 5,94 Gb Available in Paging File | 86,86% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 465,76 Gb Total Space | 288,54 Gb Free Space | 61,95% Space Free | Partition Type: NTFS Drive D: | 596,16 Gb Total Space | 399,23 Gb Free Space | 66,97% Space Free | Partition Type: NTFS Computer Name: MOTIONSIGN | User Name: Hartmann | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.11 22:51:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Bereinigung\OTL.exe PRC - [2012.09.08 01:53:07 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe PRC - [2012.01.18 18:36:46 | 001,452,680 | ---- | M] (SPAMfighter ApS) -- C:\Programme\Fighters\Tray\FightersTray.exe PRC - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe PRC - [2010.03.03 19:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProTray.exe PRC - [2010.03.03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProSvc.exe PRC - [2010.02.11 02:34:14 | 001,964,528 | ---- | M] (Symantec) -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2001.09.21 14:50:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe PRC - [2001.07.09 15:38:10 | 000,356,352 | ---- | M] (Common Group) -- C:\WINDOWS\twain_32\A12U16KD\WATCH.exe ========== Modules (No Company Name) ========== MOD - [2012.10.09 17:39:51 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll MOD - [2012.09.08 01:53:06 | 002,244,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU MOD - [2012.06.14 08:54:23 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll MOD - [2012.06.14 08:50:09 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll MOD - [2012.06.14 08:49:13 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012.06.14 08:49:02 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012.05.12 18:22:05 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012.05.12 18:21:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe MOD - [2011.04.25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll MOD - [2011.04.25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll MOD - [2011.04.25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll MOD - [2011.04.25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll MOD - [2011.04.25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll MOD - [2011.04.25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll MOD - [2011.04.20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll MOD - [2010.04.24 23:30:41 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll MOD - [2004.09.14 19:44:12 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxbxPP5C.DLL MOD - [2002.10.30 09:58:36 | 000,143,360 | ---- | M] () -- C:\WINDOWS\twain_32\A12U16KD\A2dSpi.dll MOD - [2001.12.06 20:55:18 | 000,135,168 | ---- | M] () -- C:\WINDOWS\system32\A2dusd.dll MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll MOD - [2001.09.21 14:50:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - File not found [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2012.10.09 17:39:52 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.08 01:53:07 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer) SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP) SRV - [2010.03.03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost) SRV - [2010.02.12 07:09:06 | 001,574,408 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service) SRV - [2010.02.11 02:34:14 | 001,964,528 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService) SRV - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate) SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005.01.07 00:41:22 | 000,462,848 | ---- | M] (Lexmark International, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxbxcoms.exe -- (lxbx_device) SRV - [2004.10.22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install) DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\FTD2XX.sys -- (FTD2XX) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avfsfilter.sys -- (AVFSFilter) DRV - [2012.07.08 22:52:59 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2012.07.08 22:52:59 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2012.03.01 14:51:11 | 000,565,552 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2012.01.18 15:55:56 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio) DRV - [2012.01.18 15:55:54 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio) DRV - [2011.08.10 16:39:48 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc3d.sys -- (dc3d) DRV - [2011.06.28 13:15:20 | 006,363,752 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2011.03.22 09:58:42 | 000,065,136 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c) DRV - [2011.03.10 19:34:46 | 000,034,608 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2011.03.04 14:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2011.03.04 14:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1) DRV - [2010.03.03 19:59:22 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr) DRV - [2010.02.12 07:10:12 | 000,057,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GenericMount.sys -- (GenericMount) DRV - [2010.02.11 02:34:46 | 000,138,592 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\symsnap.sys -- (symsnap) DRV - [2009.11.18 01:17:00 | 001,395,800 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009.11.18 01:16:00 | 001,691,480 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009.11.02 21:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009.09.21 20:40:14 | 000,015,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor) DRV - [2009.09.17 15:12:32 | 000,093,920 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SleeN17.sys -- (SLEE_17_DRIVER) DRV - [2009.01.04 15:25:08 | 000,017,408 | ---- | M] (PassMark Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PMUSB.sys -- (PMUSB2G) DRV - [2008.12.02 00:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008.11.25 02:35:54 | 000,211,496 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2008.11.25 02:35:54 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter) DRV - [2008.11.25 02:35:54 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiRemFil.sys -- (SiRemFil) DRV - [2008.07.10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102) DRV - [2008.05.16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) DRV - [2008.05.16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) DRV - [2008.05.16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008.05.16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008.05.16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) DRV - [2008.05.16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008.05.16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) DRV - [2008.02.13 13:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207) DRV - [2008.01.14 17:29:17 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k) DRV - [2007.12.06 10:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2006.09.02 17:09:52 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt) DRV - [2006.09.02 16:36:20 | 000,004,608 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd) DRV - [2006.09.02 15:49:55 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2006.07.24 04:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k) DRV - [2006.07.24 04:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp) DRV - [2005.05.17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2005.05.16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI) DRV - [2005.01.10 11:45:56 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K) DRV - [2004.12.07 10:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus) DRV - [2004.12.01 14:40:08 | 002,300,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2004.11.24 11:42:48 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2004.11.24 11:42:46 | 000,033,408 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004.10.21 05:39:44 | 000,035,840 | R--- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004.07.14 12:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2004.04.26 08:10:00 | 000,038,081 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK) DRV - [2004.04.26 08:09:52 | 000,054,657 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou) DRV - [2004.04.26 08:09:42 | 000,071,405 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2004.04.26 08:09:24 | 000,024,605 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe) DRV - [2003.05.14 14:42:56 | 000,021,216 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2003.05.14 14:42:50 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2003.05.14 14:42:48 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2003.05.14 14:42:44 | 000,044,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2003.03.25 10:55:04 | 000,027,136 | R--- | M] (Mobile Action Tech. Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma-620.sys -- (MA-620) DRV - [2002.10.21 11:37:16 | 000,515,803 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca533av.sys -- (Ca533av) DRV - [2002.07.25 11:19:48 | 000,010,986 | ---- | M] (USB BULK) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk533.sys -- (USBCamera) DRV - [2002.05.31 10:35:02 | 000,076,976 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pnp680r.sys -- (Pnp680r) DRV - [2001.11.08 08:53:54 | 000,018,120 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x) DRV - [2001.08.17 13:49:38 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ativmdcd.sys -- (MVDCODEC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0504817B-F19C-4569-BF5F-14CA6DE4EFF1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 88 CC C8 01 08 05 C8 01 02 00 02 00 53 01 0C 00 98 CC C8 01 F8 04 C8 01 02 00 02 00 51 01 0C 00 00 00 00 00 [binary data] IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Wirtschaft: Wirtschaftsnachrichten von t-online.de/wirtschaft IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes,DefaultScope = {04324A13-C562-44B5-98C3-CB910B1B550C} IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{04324A13-C562-44B5-98C3-CB910B1B550C}: "URL" = hxxp://search.chatzum.com/?q={searchTerms} IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{0504817B-F19C-4569-BF5F-14CA6DE4EFF1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{131B38B1-CC5B-4A32-9914-62E0ED1FC19C}: "URL" = [String data over 1000 bytes] IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{342032E5-348C-48BE-BFB2-D336898928C9}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{3AA0DE0F-6691-4E93-A74E-D0A366421803}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{3D20C55B-1C6F-44BB-8B64-6EB4DA52524C}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{65B27F1C-B3AA-42A9-82CF-FF5ED3FED24F}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{9F3786B8-EF7C-407E-AF2C-B49DAA6A0D1E}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{D6481E63-37A6-44EA-802B-2BC182D0D96E}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost ========== FireFox ========== FF - prefs.js..CT2319825.browser.search.defaultthis.engineName: true FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.defaultthis.engineName: "4shared.com Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-ffpro" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/" FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.1.9 FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00 FF - prefs.js..extensions.enabledAddons: toolbar@web.de:2.3.3 FF - prefs.js..extensions.enabledAddons: {40c3cc16-7269-4b32-9531-17f2950fb06f}:10.10.27.6 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463 FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.7.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.3 FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3 FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=" FF - prefs.js..network.proxy.type: 0 FF - user.js..browser.startup.homepage: "hxxp://www.google.com/" FF - user.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=" FF - user.js..browser.search.selectedEngine: "Google" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.08.30 19:24:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\linkfilter@kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.08.30 19:24:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\KavAntiBanner@Kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.08.30 19:24:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.10.14 01:58:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.09.08 01:52:58 | 000,000,000 | ---D | M] [2012.10.13 13:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions [2008.11.13 03:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2012.10.13 13:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions [2012.08.22 13:56:32 | 000,000,000 | ---D | M] (4shared.com Community Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} [2010.05.13 03:16:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.08.23 03:04:37 | 000,000,000 | ---D | M] (Winload) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} [2012.10.12 00:29:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012.02.29 21:46:43 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} [2011.12.23 19:32:17 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\ffxtlbr@babylon.com [2012.10.02 23:11:56 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\foxmarks@kei.com [2012.03.01 14:22:25 | 000,000,000 | ---D | M] (Yontoo) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\plugin@yontoo.com [2012.10.11 01:27:04 | 000,565,762 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\toolbar@web.de.xpi [2012.10.11 01:27:10 | 000,000,911 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\11-suche.xml [2012.03.30 00:24:50 | 000,001,086 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\ask.xml [2012.03.30 00:24:50 | 000,002,691 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\askcom.xml [2012.03.30 22:00:10 | 000,000,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\conduit.xml [2012.10.11 01:27:10 | 000,002,273 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\englische-ergebnisse.xml [2012.10.11 01:27:10 | 000,010,563 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\gmx-suche.xml [2012.03.30 00:24:50 | 000,002,492 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\google-und-download-suche.xml [2012.10.11 01:27:10 | 000,002,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\lastminute.xml [2012.06.19 21:47:55 | 000,000,641 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\search-web.xml [2011.10.09 19:46:30 | 000,002,520 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\SearchResults.xml [2012.06.01 19:20:40 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\Search_Results.xml [2012.10.11 01:27:10 | 000,005,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\webde-suche.xml [2012.03.30 00:24:51 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{044BA39C-AD89-4B4C-B2B0-3517499C48F2}.xml [2012.03.30 00:24:52 | 000,002,079 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{06A29687-A639-4360-9088-A404C00556D1}.xml [2012.03.30 00:24:52 | 000,002,190 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{A75239EF-069B-40AF-831D-CEA4E5C16540}.xml [2012.10.13 13:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.09.08 01:52:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012.09.08 01:52:53 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012.09.08 01:52:54 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012.09.08 01:53:07 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2011.04.02 14:36:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2012.06.20 22:33:33 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.02 00:55:20 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.06.20 22:33:33 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.06.20 22:33:33 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.20 22:33:33 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.20 22:33:33 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: Search CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.0_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\4.43.0_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.6_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\ O1 HOSTS File: ([2009.10.10 13:27:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.) O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{C424171E-592A-415a-9EB1-DFD6D95D3530} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [CommonToolkitTray] c:\Programme\Fighters\Tray\FightersTray.exe (SPAMfighter ApS) O4 - HKLM..\Run: [Gtwatch] C:\WINDOWS\Gtwatch.exe () O4 - HKLM..\Run: [HF_G_Jul] "C:\Programme\AVG Secure Search\HF_G_Jul.exe" /DoAction File not found O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Programme\Norton Ghost\Agent\VProTray.exe (Symantec Corporation) O4 - HKLM..\Run: [Ocs_SM] C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe (OCS) O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Programme\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Watch.lnk = C:\WINDOWS\twain_32\A12U16KD\WATCH.exe (Common Group) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 351 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm () O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ADAB9D3-1DB3-49B2-89FC-F454CD73AD07}: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FC1575C-73E5-4A35-B75A-769B11439EBC}: DhcpNameServer = 192.168.2.1 192.168.2.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.10.29 14:53:12 | 000,000,087 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell - "" = AutoRun O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell - "" = AutoRun O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell\AutoRun\command - "" = G:\Startme.exe O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell - "" = AutoRun O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\Auto\command - "" = G:\sxs.exe O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell\AutoRun\command - "" = E:\camera.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.10.14 01:41:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme\Revo Uninstaller [2012.10.14 01:38:32 | 000,000,000 | ---D | C] -- C:\Programme\VS Revo Group [2012.10.11 22:50:49 | 000,000,000 | ---D | C] -- C:\Bereinigung [2006.12.16 13:34:39 | 000,024,192 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Hartmann\usbsermptxp.sys [2006.12.16 13:34:39 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Hartmann\usbsermpt.sys ========== Files - Modified Within 30 Days ========== [2012.10.14 22:50:07 | 000,000,402 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{44BE5EBB-6A99-4DE1-B962-E148184E8A04}.job [2012.10.14 22:50:06 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Hartmann-Startup.job [2012.10.14 22:47:53 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Hartmann-Notification.job [2012.10.14 22:47:42 | 000,012,682 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.10.14 22:45:48 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.10.14 22:45:45 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job [2012.10.14 22:45:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.10.14 22:45:29 | 000,069,112 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2012.10.14 01:59:04 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX [2012.10.14 01:44:00 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.10.14 01:41:22 | 000,000,908 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Desktop\Revo Uninstaller.lnk [2012.10.14 01:39:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.10.13 13:24:01 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI [2012.10.13 13:19:49 | 000,000,838 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog [2012.10.13 05:18:43 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2012.10.11 23:41:42 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\defogger_reenable [2012.10.11 16:36:17 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2012.10.10 17:05:21 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.10.09 17:39:52 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.10.09 17:39:52 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.10.07 15:26:30 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini ========== Files Created - No Company Name ========== [2012.10.14 01:38:32 | 000,000,908 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Desktop\Revo Uninstaller.lnk [2012.10.13 13:23:57 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2012.10.11 23:41:42 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\defogger_reenable [2012.10.11 16:36:17 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2012.10.11 16:36:17 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2012.06.19 16:39:23 | 000,922,184 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe [2012.06.19 16:39:22 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys [2012.06.19 16:39:21 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys [2012.04.03 19:54:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI [2012.04.03 18:32:39 | 000,018,120 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\gt680x.sys [2012.03.30 22:54:46 | 000,117,035 | ---- | C] () -- C:\Programme\jquery.yoxview-2.21.zip [2012.03.30 22:12:11 | 007,558,447 | ---- | C] () -- C:\Programme\aemf20.exe [2012.03.29 21:52:18 | 000,015,416 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2012.03.29 21:17:29 | 000,982,196 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin [2012.03.29 21:17:29 | 000,417,344 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin [2012.03.29 21:16:21 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2012.03.28 16:22:51 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\A2dusd.dll [2012.03.28 14:44:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WATCH.INI [2012.03.28 14:20:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\Gtwatch.exe [2012.03.01 14:55:08 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db [2012.03.01 14:52:55 | 000,116,189 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2012.03.01 14:52:55 | 000,098,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2012.02.16 05:44:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.02.03 07:29:50 | 000,211,614 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2011.03.11 13:43:54 | 000,029,763 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat [2010.11.17 08:12:17 | 000,000,087 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\.octave_hist [2010.10.15 14:38:24 | 000,000,244 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\varicad-work.ini [2010.04.28 00:14:16 | 000,038,347 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\dsc2099.jpg [2010.01.06 23:44:31 | 000,000,291 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\PropCalc Preferences [2008.09.27 01:47:18 | 000,278,016 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\mdbu.bin [2008.06.20 14:23:06 | 001,487,202 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\test [2007.08.03 23:47:14 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2007.04.25 23:08:24 | 000,093,209 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\mdb.bin [2006.12.16 13:34:39 | 000,007,195 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USBMOT2000.INF [2006.12.16 13:34:39 | 000,005,891 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USBMOT2000XP.INF [2006.12.16 13:34:39 | 000,005,877 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USB_CMCS_2000.INF [2006.10.06 12:39:40 | 000,104,990 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\wtge61ge.HST [2006.09.02 17:25:29 | 000,039,936 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.09.02 16:46:03 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat ========== ZeroAccess Check ========== [2006.09.02 16:45:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 14.10.2012 23:05:34 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Bereinigung Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,13% Memory free 6,84 Gb Paging File | 5,94 Gb Available in Paging File | 86,86% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 465,76 Gb Total Space | 288,54 Gb Free Space | 61,95% Space Free | Partition Type: NTFS Drive D: | 596,16 Gb Total Space | 399,23 Gb Free Space | 66,97% Space Free | Partition Type: NTFS Computer Name: MOTIONSIGN | User Name: Hartmann | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung "80:TCP" = 80:TCP:*:Disabled:Windows-Remoteverwaltung - Kompatibilitätsmodus (HTTP eingehend) ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Programme\IPACS\easyFly\easyfly.exe" = C:\Programme\IPACS\easyFly\easyfly.exe:*:Enabled:easyfly -- (IPACS) "C:\Programme\Pinnacle\Studio 10\programs\RM.exe" = C:\Programme\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.) "C:\Programme\Pinnacle\Studio 10\programs\Studio.exe" = C:\Programme\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems) "C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe:*:Enabled:Installationsprogramm für Kaspersky Internet Security 2009 -- (Kaspersky Lab) "C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen -- (Microsoft Corporation) "C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Disabled:backWeb-8876480 -- () "C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- () "C:\Ubisoft\Silent Hunter 5\sh5.exe" = C:\Ubisoft\Silent Hunter 5\sh5.exe:*:Enabled:Silent Hunter 5 -- (Ubisoft) "E:\DVD-Start.exe" = E:\DVD-Start.exe:*:Enabled:Schnellstart-DVD "C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\C06YGF3E\cimatron_e10_german_downloader_142[1].exe" = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\C06YGF3E\cimatron_e10_german_downloader_142[1].exe:*:Enabled:ExpressFilesInstaller "C:\Programme\ExpressFiles\ExpressFiles.exe" = C:\Programme\ExpressFiles\ExpressFiles.exe:*:Enabled:ExpressFiles "C:\Programme\ExpressFiles\ExpressDL.exe" = C:\Programme\ExpressFiles\ExpressDL.exe:*:Enabled:ExpressFilesDL "C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- () "C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator 0.8.0 "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0153A77C-A981-4A1F-BAA9-16A80FBC358A}" = Full Spectrum Warrior "{03CDDD00-BD57-4326-9480-4C74449AF597}" = PhotoStitch "{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC "{095659A2-739F-4D9A-A916-66C7CAD16F9E}" = Canon Camera WIA Driver "{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu "{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12 "{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3 "{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2 "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24 "{295EAB46-0541-497E-9520-83E5CCCDA2AC}" = CADsymbols "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt "{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint "{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English) "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types "{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1" = MiniTool Partition Wizard Home Edition 7.1 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35B8CC58-F128-4169-82EB-0E6CB0C3AFE6}" = ArcSoft PhotoImpression "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10 "{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg "{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox "{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2 "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0 "{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser "{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP "{51DDFE79-3B2B-4AC7-8CAD-803D7D0DF6DD}" = MySQL Server 6.0 "{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001 "{59CEACE1-2A1D-4CA7-908C-84CA8596E950}" = Cimatron E 6.0 Deutsche Benutzeroberfläche "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Camera Window "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services "{5EF16AA8-597E-4779-AEF7-1589EA1A7EC4}" = Nokia 6230i Infrared-Handset Manager "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA "{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}" = Roxio PhotoSuite 5 "{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids "{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch) "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A506386-BF2E-4C8E-8BE7-751B028134D2}" = X1TLD-FB "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS "{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday "{8CA071D3-A3DD-4EDD-A997-AFB178A181C7}" = DaViDeo ultimate "{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}" = Microsoft Visual Basic 2008 Express Edition with SP1 - DEU "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui "{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime "{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2 "{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8 "{9E9DC77E-045B-4A28-990A-30CC4E1E8D80}" = SLOW-PCfighter "{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove "{A166CC47-2B02-427D-9619-58A935C66794}" = Tilgungsplaner Professional 9 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI (Studio 10) "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A979B2D8-E3EE-4523-A26C-4AF0A6809280}" = Sniper Elite "{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK "{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com "{B0255743-165B-4BD5-8DA8-37DFB9930015}" = Norton Ghost "{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0 "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI "{B3282FB8-874B-4054-8356-9EB391A826F9}" = OLYMPUS muvee theaterPack "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B651B3EC-1827-4CF5-8398-397B789E3151}" = File Viewer Utility 1.2.1 "{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload-Software "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1205500-2179-11D7-B0B9-0000E24D4B29}" = Digital Camera "{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX "{C2490885-D566-405F-889B-670C6CF0F7F2}" = Steganos Live Encryption Engine 17 "{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU "{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU "{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam "{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}" = RemoteCapture 2.7.1 "{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software "{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR "{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = CIG "{DEF2E5A3-0317-4822-B930-8B721EB483E4}" = ArcSoft VideoImpression 1.6 "{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips "{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}" = Lock On: Modern Air Combat "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID (Studio 10) "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.079 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}" = mobile PhoneTools "{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver "{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F40A958E-AABD-4D6F-A0FB-4D78DC02BEEF}" = Cimatron E 6.0 "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS "{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch) "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung "1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer "7-Zip" = 7-Zip 9.20 "Adobe Acrobat 4.0" = Adobe Acrobat 4.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop Elements 1.0" = Adobe Photoshop Elements "Advanced Effect Maker Free Edition_is1" = Advanced Effect Maker Free Edition Version 2 (With VAC 2.0 B1) "ATI Display Driver" = ATI Display Driver "Avidemux 2.5" = Avidemux 2.5 "BattleStrike_ger" = Battle Strike "BearPaw 2400CS Plus v2.1" = BearPaw 2400CS Plus v2.1 "Biet-O-Matic v2.0.29" = Biet-O-Matic v2.0.29 "bs_thesiege_ger" = BattleStrike The Siege "BVSSOL_is1" = BVS Solitaire Sammlung version 4.0 "CamStudio" = CamStudio "CANONBJ_Deinstall_CNMCP61.DLL" = Canon PIXMA iP3000 "Cucusoft Ultimate DVD Converter_is1" = Cucusoft Ultimate DVD Converter 7.15 "DesktopIconAmazon" = Desktop Icon für Amazon "Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter 3.0 "easyFly" = easyFly "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox "Evrsoft First Page 2006_is1" = Evrsoft First Page 2006 "Excel" = Microsoft Excel 97 "FEMM_is1" = femm 4.2 09Nov2010 "FileZilla" = FileZilla (remove only) "FlightGear_is1" = FlightGear v1.0.0 "Foto-Mosaik_is1" = Foto-Mosaik 4.1.0 "Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.1 "Free FLV to AVI MP4 3GP WMV MP3 Converter_is1" = Free FLV to AVI MP4 3GP WMV MP3 Converter v2.2 "Free Video Converter_is1" = Free Video Converter V 3.0 "FreePDF_XP" = FreePDF XP (Remove only) "ftp-uploader" = ftp-uploader "GETrans" = GETrans 1.6 "Google Chrome" = Google Chrome "GPL Ghostscript 8.60" = GPL Ghostscript 8.60 "GPL Ghostscript Fonts" = GPL Ghostscript Fonts "Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181 "HDMI" = Intel(R) Graphics Media Accelerator Driver "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "Inno Setup 5_is1" = Inno Setup Version 5.4.2 "InstallShield_{03CDDD00-BD57-4326-9480-4C74449AF597}" = Canon Utilities PhotoStitch 3.1 "InstallShield_{095659A2-739F-4D9A-A916-66C7CAD16F9E}" = Canon EOS 10D WIA-Treiber "InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "InstallShield_{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Canon Camera Window for ZoomBrowser EX "InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2 "InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles "InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III "InstallShield_{B651B3EC-1827-4CF5-8398-397B789E3151}" = Canon Utilities File Viewer Utility 1.2 "InstallShield_{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}" = Canon Utilities RemoteCapture 2.7 "InstallShield_{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = Canon Internet Library for ZoomBrowser EX "InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "Lexmark 7100 Series" = Lexmark 7100 Series "LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation) "MediaNavigation.CDLabelPrint" = CD-LabelPrint "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Visual Basic 2008 Express Edition with SP1 - DEU" = Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "Movies" = Movies "Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero OEM "NetObjects Fusion Essentials" = NetObjects Fusion Essentials "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "Nvu_is1" = Nvu 1.0 "Outlook" = Microsoft Outlook 97 "phase5" = phase5 "PhotoRecord" = Canon PhotoRecord "Picasa 3" = Picasa 3 "Redirection Port Monitor" = RedMon - Redirection Port Monitor "Revo Uninstaller" = Revo Uninstaller 1.94 "Santa Claus in Trouble" = Santa Claus in Trouble "SearchAnonymizer" = SearchAnonymizer "Sid Meier's Railroad Tycoon" = Sid Meier's Railroad Tycoon "SLOW-PCfighter" = SLOW-PCfighter "Sunplus CA533A" = Icatch(IV) Camera Driver "Switch" = Switch "Take ONE 4" = Take ONE 4 "The Royal Marines Commando_is1" = The Royal Marines Commando (1.0) "U-Boote: Schlacht im Mittelmeer" = U-Boote: Schlacht im Mittelmeer "Uninstall_is1" = Uninstall 1.0.0.1 "Update Engine" = Sony Ericsson Update Engine "VariCAD_20100828_DE" = VariCAD 2010-3.00 DE "VariCADViewer_20100828_DE" = VariCAD Viewer 2010-3.00 DE "Verbose" = Verbose Uninstall "VLC media player" = VLC media player 1.1.5 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Web Diashow_is1" = Web Diashow "Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.5 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Word8.0" = Microsoft Word 97 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08.10.2012 09:06:46 | Computer Name = MOTIONSIGN | Source = Windows Search Service | ID = 3013 Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\HARTMANN\EIGENE DATEIEN\EIGENE BILDER\OLYMPUS MASTER 2\2012\10\06\ERSATZTEIL.JPG> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error - 09.10.2012 10:23:26 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 09.10.2012 20:31:16 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 09.10.2012 20:32:54 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 09.10.2012 22:27:55 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 10.10.2012 07:51:22 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 10.10.2012 07:51:34 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 10.10.2012 19:26:55 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 11.10.2012 16:56:22 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung OTL.exe, Version 3.2.69.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 11.10.2012 16:56:28 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung OTL.exe, Version 3.2.69.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. [ OSession Events ] Error - 15.10.2010 20:11:32 | Computer Name = MOTIONSIGN | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1087 seconds with 720 seconds of active time. This session ended with a crash. Error - 22.04.2011 13:51:10 | Computer Name = MOTIONSIGN | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2643 seconds with 2160 seconds of active time. This session ended with a crash. [ System Events ] Error - 13.10.2012 07:26:44 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: %%126 Error - 13.10.2012 07:26:44 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: %%126 Error - 13.10.2012 07:26:45 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: %%126 Error - 13.10.2012 07:26:45 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: %%126 Error - 13.10.2012 19:49:28 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Acronis Scheduler2 Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 13.10.2012 19:49:28 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058 Error - 13.10.2012 20:01:40 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Acronis Scheduler2 Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 13.10.2012 20:01:40 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058 Error - 14.10.2012 16:47:02 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Acronis Scheduler2 Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 14.10.2012 16:47:02 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058 < End of report > |
14.10.2012, 22:20 | #15 |
| Wieder CahtZum Edit, weil Doppelpost. |
Themen zu Wieder CahtZum |
absolut, ahnung, andere, anderen, angemeldet, beiträge, dinge, ebenfalls, finger, gemeldet, heute, hoffe, keine ahnung, monate, nichts, probleme, schön, softonic, tagen, vorgehen |