Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 24.10.2012, 18:08   #1
LadyIceTea
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



Hallo Leute,
ich hoffe ich bin hier richtig und mache nichts falsch..
Ich habe schon versucht mein Problem zu googlen aber nichts gefunden..
Seit Gestern oder Vorgestern viel mir auf, dass sich meine Taskleiste immer wieder von alleine ganz kurz einblendete. Ich habe das daraufhin beobachtet und festgestellt, dass das PC-Probleme-Lösen Feld für einen kurzen Augenblick aufblinkt und für einen Sekundenbruchteil ein kleinen rotes x anzeigt, als hätte der was gefunden. Aber wirklich nur ganz kurz und dann ist es direkt wieder weg. Daraufhin wollte ich dann grade einen Virenscan machen (Unitymedia Sicherheitspaket), doch dieses wurde nach einer Datei immer wieder von alleine angehalten. Auch ist meine Windows Firewall aus, obwohl ich mir da nicht sicher bin ob ich das war, wegen der Firewall von dem Unitymedia Sicherheitspaket oder ob sich die durch irgendetwas anderes ausgeschaltet hat.
Könnte das ein Virus sein?
Ich hoffe ihr könnt mir helfen!
LG

Alt 24.10.2012, 18:44   #2
markusg
/// Malware-holic
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



hi
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 24.10.2012, 19:37   #3
LadyIceTea
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



Hier Log-File Nummer eins:OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 24.10.2012 20:14:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Wiebke\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 71,68% Memory free
6,99 Gb Paging File | 5,87 Gb Available in Paging File | 83,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 35,79 Gb Free Space | 36,65% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 94,38 Gb Free Space | 96,65% Space Free | Partition Type: NTFS
Drive E: | 270,45 Gb Total Space | 160,84 Gb Free Space | 59,47% Space Free | Partition Type: NTFS
 
Computer Name: WIEBKE-PC | User Name: Wiebke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-397657669-3383547663-499564317-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "D:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0473BBA3-2D53-464C-A48D-9167E27BA7F0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{04D2A332-4B50-4200-9153-29531833451E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{11473B2E-35E7-4AE1-84E4-2485DDFA2EE4}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{115AADEE-FEA5-42A2-B550-D690F8394ECF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1197E97E-9ACF-4B50-BA88-B46DCD882C47}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{131F21D2-D31E-4E17-96DB-6DCF7AF7F413}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1B1FD97D-51DD-4A31-84E6-2244F9F0E442}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{1EECE42C-6AAA-4260-80F0-A2421278DA82}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{20F4B0F4-1021-4F90-A8DB-E3F2A0B33AFB}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{22ED56A7-524E-46E2-90E1-212B0FBD73B1}" = lport=139 | protocol=6 | dir=in | app=system | 
"{280400F7-F670-4788-93B9-B2658D62B299}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{299A5FAB-2D87-4289-A4DD-14479D7400AB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{2AE7FFA7-8EB1-45A7-B5ED-F148ED728E6B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{30C12E61-EF78-42BD-A68C-1D4D306671CA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{3CD4B054-9BE3-4960-8350-975D9D6A03F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3E52C3A8-AB48-44AE-86D2-AC5EC0BA85CE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{3E690376-BB5D-454B-A574-4F181B5057A8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{3EEA6CFB-6050-4FF7-9C7D-1AB3562EE236}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{3F35BCE1-4E06-4F62-AA21-EBB2CD337B99}" = rport=445 | protocol=6 | dir=out | app=system | 
"{411CBD19-B87F-4002-89E8-FDA31243FEC9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{48F47000-469B-492F-8A30-3262642E3DC5}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{498CC8BD-D909-4D7D-A127-52FAAA0860E2}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{5831CC0D-4B75-4EC5-BBE4-4A616E772E1B}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{5BFA26F4-5B26-46D7-8D63-032F326CE0C1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{71A47D0A-B006-4872-9B67-963E1DDE00BA}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{74984586-95B8-4930-92E5-53169EB7A4CF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7D4C2416-E855-482B-A1BD-AB374990C42B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{7FF51974-98C9-40E8-960D-44D7BD0012CB}" = rport=138 | protocol=17 | dir=out | app=system | 
"{860BA37A-167E-4CD9-A26A-FB75B9506A08}" = lport=138 | protocol=17 | dir=in | app=system | 
"{89382C8B-F2CF-4C1B-8190-59F17D4ACB17}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8B19E30F-DD05-478D-B2E0-F11DC8DD59A5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{8C8467D6-B5C8-4B71-B6ED-C0F067DD3435}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{925EDD14-1C89-40F3-9525-FA6478200938}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{98545A1E-9AB2-4166-8607-34F8A6F3F973}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{9BDA73E7-C4B2-4CBA-9B6D-F9AD6F77482C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A2BF8FE3-99D8-402B-9E07-FCE2BB80EC80}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{A7F9E237-1F10-43DB-83CF-AA4094D8D79B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{ADEEC61B-59AE-4458-8A78-03DBB0C056CE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AFBAB78F-AC16-4E99-99CA-62FD63E2AF07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B3318025-927F-4451-9DCB-642EB143A4D0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{B5FD860C-932A-4D8A-B8C3-19B70B414DBE}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{BD107BF9-44D2-45C9-B51C-401652CDFB1B}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{BD78E7D2-7DD7-4E21-AF3D-EB4D84A4F67E}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C7BF957D-BA66-4CD6-9DA8-EC631EEFD659}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{C97FE53F-1B44-4335-8D65-11B39A9F0403}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{D3B23BDC-3D47-4D3A-AE71-3FD99B962C04}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D692C349-E6DF-4761-9844-97D828685400}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{D6A63F9D-9E13-4469-8E88-5BBB3EBEA868}" = rport=139 | protocol=6 | dir=out | app=system | 
"{DEE48B79-5725-45B3-BE94-EF004869851D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E4AA1F01-E5AE-4135-BF72-48215399CFEC}" = rport=137 | protocol=17 | dir=out | app=system | 
"{E5AF9C59-D6FD-4713-9C51-10D2889EA674}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{E9D77F55-66EF-4FE3-825E-97F15D93485A}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{EEFB1D96-A270-4682-A176-8E606DAAE696}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FBDA071B-2E45-410B-B6B3-CD0832653A30}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{FEC78ABD-2A55-4D12-A4BA-CFC468CD9628}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FEC9E7D9-CA2E-43AA-B838-8FA51835DC70}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000E88F9-E451-4B50-9ED8-96816ADE0B69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{04635147-56DF-4665-89BD-D2210D01019D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{0678F172-0E16-4BE6-812E-6E0B9E04A322}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0B06C59E-88F4-496B-99A2-39E6457B3BA7}" = protocol=6 | dir=out | app=c:\windows\ehome\mcrmgr.exe | 
"{0C7FAAD4-C4B8-4B10-BA8B-3E030497E604}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{111FAD51-BE3F-4996-B797-FB3F8FFEF0A7}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{168F8CCB-5ECF-4FA5-A141-43888861F769}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{21CDEDAA-FBB6-43E0-AE31-4A60C222117D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | 
"{23001F52-2600-4ACE-8A4A-39444F2CCCB5}" = protocol=6 | dir=in | app=e:\rsv2\binaries\r6vegas2_launcher.exe | 
"{254BF421-DBD6-4670-887B-FF1B62EAA8A2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{2726D931-FE7D-491B-9F82-33AB11665075}" = protocol=6 | dir=in | app=d:\icq\icq7.7\icq.exe | 
"{39D6FD34-086F-4086-AF5B-7C78ECE2800F}" = protocol=17 | dir=in | app=e:\rsv2\binaries\r6vegas2_launcher.exe | 
"{3F05844F-B36B-4185-922A-ECB2D551DA5E}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{441E90BD-606C-4B79-80CE-64F181A41517}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{4438E52B-1690-42D4-B19C-4724BE92A2F1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{453E54F1-F5BF-4DF9-B0F1-860BD505DF81}" = dir=in | app=d:\itunes\itunes.exe | 
"{4A5EFF54-C576-4AB6-8EA2-61866EAA60D0}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{4A90DEDE-3930-41DC-B7C9-AB001AA64B86}" = protocol=6 | dir=in | app=e:\csi\support\updatelauncher\gu.exe | 
"{4BF7E027-648A-4855-A080-83B1869A0A8B}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{4E4FE48F-40DB-4188-B7AE-34EBF25D89E1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{4E6384C3-F3DC-4AF2-B889-A91EA2F1C04A}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | 
"{553E6F6C-3893-478D-814F-D4115B8C0BA7}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{558411A4-7F91-4D93-91BE-CB4FBCEEE750}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{57BD6367-2DD9-43B9-8A1E-D1B609087C37}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{59D8657E-4482-468B-A2D2-737ED9AF04C4}" = protocol=6 | dir=out | app=system | 
"{5EF2ED82-70D2-42BB-B5B6-4C835825284C}" = protocol=6 | dir=in | app=e:\cod4\iw3mp.exe | 
"{69A31725-3BDF-44AC-9AF7-52F0BEAB4D6E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{74325A2B-2F12-4D6B-908C-FAF63DCB9C97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{748BE231-BE99-455C-9C5C-01816D60A5AD}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | 
"{7790C8FC-E061-4DB8-B24C-E9D31AF6F245}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{77A8344A-CE2E-4CBB-8D78-8BD1AAC88B22}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{7AC4810E-88DB-4BF6-B100-9A843D134467}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{7ACBCE95-8539-452E-86B8-9A3DA96440A6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{7C6C8DF8-0D00-4E2F-B94C-25976806C9DE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{7D1BE11D-0CC6-4CA0-8BEC-9AA3DB790CBC}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | 
"{7D3CC5A0-2BA0-4B8A-82B6-367A780A2512}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{7F076213-9D99-4285-957E-324EDC5531C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{80FD18B0-4D98-4CE8-8B94-AEE1B44B91AC}" = protocol=17 | dir=in | app=e:\bfbc2\bfbc2updater.exe | 
"{8B24BFF8-BC2F-426A-A4EB-A1452482238D}" = protocol=6 | dir=out | app=c:\windows\ehome\mcrmgr.exe | 
"{8EEC1EA4-EA0A-41C8-ACCE-AE8C35CE2B45}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{931644BE-6C79-4333-B87B-6F7419EBD461}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{951BA90C-CDD1-4E0F-807A-FAA7411BF94C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{9D5EDEA8-098D-47D9-A3F5-9E9195DF6E98}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9EA4CEA7-BF59-42C4-A0E2-F28022811691}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A835EAC4-7333-4EE0-BF03-9AEB1BB88E0F}" = protocol=17 | dir=in | app=e:\bf3\battlefield 3\bf3.exe | 
"{AA9741E2-42EA-448C-A9D3-31EAF4020633}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{ACBA661D-5447-405C-A599-88409391FDFA}" = protocol=6 | dir=in | app=e:\bf3\battlefield 3\bf3.exe | 
"{ACFFD1AB-739D-4895-9984-61792D51DF43}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{B7C9EFDC-044C-40EA-8293-AADDCE79703D}" = protocol=6 | dir=in | app=d:\icq\icq7.7\icq.exe | 
"{B922D4F4-29DA-43A8-8547-11357AAD8A99}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{BB1B7422-3987-4064-B6E6-03192D5B9BD1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{BBF32468-B1BB-4D67-84A4-8F35B7534EB4}" = protocol=17 | dir=in | app=e:\csi\ncis.exe | 
"{C4682F25-93C0-4CA6-884E-8AB786157EF5}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{C5B9E2B0-F838-48B9-9C9C-98210C7AD808}" = protocol=6 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | 
"{C6162A13-15B1-466A-A553-331EC6D4FD83}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{C62E1EF0-AB0A-46DE-8669-234207409D48}" = protocol=17 | dir=in | app=e:\cod4\iw3mp.exe | 
"{CC00489E-1727-400C-92CA-DD18C7108E96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{D2CF2BC7-CFA3-4FD6-91B3-3CC2D8279B1F}" = protocol=17 | dir=in | app=d:\icq\icq7.7\icq.exe | 
"{D6076457-5EAE-4A62-981E-A752896D7D30}" = protocol=6 | dir=in | app=e:\bfbc2\bfbc2updater.exe | 
"{D85F43CD-F62E-460C-B269-1013806EB0C5}" = protocol=17 | dir=in | app=d:\efficient diary pro\efficientdiarypro.exe | 
"{D877359C-80C5-4371-ACE7-B95219D0F15C}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | 
"{D87C246A-82B6-43CD-8407-291C02FCB67D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{D8A2BEB5-2581-4F58-94DE-922E8A424858}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{DA8C92D2-3C96-40DA-8F85-806B4F4B6546}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{DDE7B1F6-2883-43FC-B7CE-F0B53B6A4919}" = protocol=6 | dir=in | app=e:\rsv2\binaries\r6vegas2_game.exe | 
"{E03230E7-0DC7-4DB7-847D-7EDBE174D7AE}" = protocol=6 | dir=in | app=e:\csi\ncis.exe | 
"{E0645497-6026-4CF1-AD56-9D8DE7194794}" = protocol=17 | dir=in | app=d:\icq\icq7.7\icq.exe | 
"{E30C3428-7F66-4282-AEE5-39AF033F5D78}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{E3815239-0192-44E8-99B2-32C975493C51}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{E39F59D4-1C61-436A-B62B-502C9EB88871}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{E5646FFF-63D9-4FA8-A624-0A35CC3AAA15}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{E5A2931F-68CA-42CB-9A8C-A6C78E87EABB}" = protocol=6 | dir=in | app=d:\efficient diary pro\efficientdiarypro.exe | 
"{E5B5E4EB-1EFF-4002-A409-871B5BA4011B}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{EC72E85C-A7CB-4B79-BE13-165C6679B5F1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{EE1257A5-353C-400F-B077-FA770C469D7A}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{EF0BC18C-49ED-4A11-A72E-D4861469C20D}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{EF16AA08-ACE7-41DF-9EB9-837FCD75B2CA}" = protocol=17 | dir=in | app=e:\csi\support\updatelauncher\gu.exe | 
"{EF9F2D1B-777E-4FC5-A629-76778CA644E4}" = protocol=17 | dir=in | app=e:\rsv2\binaries\r6vegas2_game.exe | 
"{F272E4A0-47B3-4633-BA34-AA72343E8CA4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F4331271-DFD5-427C-892E-C1F135C29EEF}" = protocol=6 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | 
"{F76176EA-5FCD-4EA2-9218-2F5C28AD8661}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"TCP Query User{0DD3427C-8BD7-4625-9879-432A2D3AE2A5}E:\bfbc2\bfbc2game.exe" = protocol=6 | dir=in | app=e:\bfbc2\bfbc2game.exe | 
"TCP Query User{505B7991-66CB-4933-8B09-DC19C5CEB24D}E:\mohaa\mohaa.exe" = protocol=6 | dir=in | app=e:\mohaa\mohaa.exe | 
"TCP Query User{70A874DE-4E12-4F68-A132-E81E878F45C4}E:\graw2\ghost recon advanced warfighter 2\graw2.exe" = protocol=6 | dir=in | app=e:\graw2\ghost recon advanced warfighter 2\graw2.exe | 
"TCP Query User{A4FA2D34-EFBB-43E2-9B89-05F7B40BDD1F}E:\isabell werth - reitsport\autorun.exe" = protocol=6 | dir=in | app=e:\isabell werth - reitsport\autorun.exe | 
"TCP Query User{BD5C61E2-874B-44F9-B948-CA391809CF7B}E:\mohaa\moh_spearhead.exe" = protocol=6 | dir=in | app=e:\mohaa\moh_spearhead.exe | 
"TCP Query User{FA857BE8-6236-4FC2-B83F-A4993EF46243}E:\need for speed the run limited edition\need for speed the run.exe" = protocol=6 | dir=in | app=e:\need for speed the run limited edition\need for speed the run.exe | 
"UDP Query User{43FEB2C4-FFA7-4F03-B897-D20C4088666C}E:\bfbc2\bfbc2game.exe" = protocol=17 | dir=in | app=e:\bfbc2\bfbc2game.exe | 
"UDP Query User{517E0B77-7278-4B1F-9074-0633B90CD23F}E:\mohaa\moh_spearhead.exe" = protocol=17 | dir=in | app=e:\mohaa\moh_spearhead.exe | 
"UDP Query User{DDE2511B-A198-41CF-832F-0E042B1D1F88}E:\mohaa\mohaa.exe" = protocol=17 | dir=in | app=e:\mohaa\mohaa.exe | 
"UDP Query User{E0925A6C-7148-42AC-B8F0-F2F5DBF0B1CC}E:\graw2\ghost recon advanced warfighter 2\graw2.exe" = protocol=17 | dir=in | app=e:\graw2\ghost recon advanced warfighter 2\graw2.exe | 
"UDP Query User{EF038696-5ACE-461B-BE4E-B2A3C85C2281}E:\isabell werth - reitsport\autorun.exe" = protocol=17 | dir=in | app=e:\isabell werth - reitsport\autorun.exe | 
"UDP Query User{FBDBDD24-F2F6-47F3-8E7A-CEBB76C584D9}E:\need for speed the run limited edition\need for speed the run.exe" = protocol=17 | dir=in | app=e:\need for speed the run limited edition\need for speed the run.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = Die Sims™ 3 Traumsuite-Accessoires
"{0DDDE141-9696-4E33-AB82-EF398169D7E5}" = Ulead PhotoImpact XL
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = Die Sims™ 2 Villen- und Garten-Accessoires
"{1C00C7C5-E615-4139-B817-7F4003DE68C0}" = Nero PhotoSnap Help
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2CC37474-21EF-4F4D-A11A-1B0321D94B9B}" = Diner Dash
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = Die Sims™ 2 Super Deluxe
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{356BC59E-BAB0-4840-9A12-75AA63B4834C}" = Chocolatier
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3BCC5640-5360-11D4-A44A-0000E86D2305}" = Ulead Drop Spot 1.0
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = Die Sims™ 2 Teen Style-Accessoires
"{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5FF50E1A-4E6D-454B-BA00-6E15D6216BFB}" = Wildlife Park Gold
"{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires
"{67E4EE98-59F4-4220-89A6-A20AF5BEC689}" = Microsoft AutoRoute 2005
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = Die Sims 2: Family Fun - Accessoires
"{6DBB66CD-38C7-472C-BBB9-06BFDA182A29}" = F2400
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires
"{6e7bd048-09d7-4450-816e-0f01d18c635f}" = Nero 9 Essentials
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{740B51D7-C903-4536-9530-B6304C937F51}" = Wildlife Park 2 Familien Edition
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = Die Sims™ 3 Stadt-Accessoires
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94112B32-05C6-3538-AD85-87CDB014AEBF}" = ATI Catalyst Install Manager
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{977CD9E4-2CE7-46AC-BBEC-FC2B9696464B}" = Marine Park Empire
"{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}" = Die Sims - Hokus Pokus
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = Die Sims™ 2: Glamour-Accessoires
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A80AC620-12FA-11D5-B287-0050DA4BBA2C}" = Riding Star
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}" = Nero Recode Help
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = Die Sims™ 2 Apartment-Leben
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFB175B5-6F03-4608-8737-82B6C393E209}" = Diner Dash 2
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E62D7633-365F-4866-9C85-7BF0B9A63793}" = Pony Ranch
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ancient Rome" = Ancient Rome
"Audiograbber" = Audiograbber 1.83 SE 
"Battlelog Web Plugins" = Battlelog Web Plugins
"Build-a-lot 4" = Build-a-lot 4
"Cake Mania 3" = Cake Mania 3
"Cake Mania: Lights, Camera, Action!" = Cake Mania: Lights, Camera, Action!
"Cake Mania: To the Max!" = Cake Mania: To the Max!
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Das gelobte Land" = Das gelobte Land
"Die Fisch-Oase H2O" = Die Fisch-Oase H2O
"Die Sage von Kolossus" = Die Sage von Kolossus
"Die Tier-Detektivin P.J. Pride" = Die Tier-Detektivin P.J. Pride (nur deinstallation)
"DivX Setup" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"FreePDF_XP" = FreePDF (Remove only)
"F-Secure Product 444" = Unitymedia Sicherheitspaket
"Google Chrome" = Google Chrome
"Governor of Poker 2" = Governor of Poker 2
"GPL Ghostscript 9.04" = GPL Ghostscript
"Hobby Farm" = Hobby Farm
"Home Sweet Home" = Home Sweet Home
"Home Sweet Home 2: Küchen und Bäder" = Home Sweet Home 2: Küchen und Bäder
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{977CD9E4-2CE7-46AC-BBEC-FC2B9696464B}" = Marine Park Empire
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"Isabell Werth - Reitsport_is1" = Isabell Werth - Reitsport
"Jojo’s Fashion Show" = Jojo’s Fashion Show
"Jojo’s Fashion Show 2" = Jojo’s Fashion Show 2
"Jojo’s Fashion Show: World Tour" = Jojo’s Fashion Show: World Tour
"Luxor 5th Passage" = Luxor 5th Passage
"Mein Gartenparadies: Frühlingserwachen" = Mein Gartenparadies: Frühlingserwachen
"Mein Landleben" = Mein Landleben
"Mein Landleben 2" = Mein Landleben 2
"Meine kleine Farm" = Meine kleine Farm
"Meine kleine Farm 2" = Meine kleine Farm 2
"Meine kleine Farm 3" = Meine kleine Farm 3
"Meine kleine Farm 3: American Pie" = Meine kleine Farm 3: American Pie
"Meine kleine Farm 3: Ice Age" = Meine kleine Farm 3: Ice Age
"Meine kleine Farm 3: Madagaskar" = Meine kleine Farm 3: Madagaskar
"Meine kleine Farm 3: Russisches Roulette" = Meine kleine Farm 3: Russisches Roulette
"Meine kleine Farm: Das antike Rom" = Meine kleine Farm: Das antike Rom
"Meine kleine Farm: Frische Fische" = Meine kleine Farm: Frische Fische
"Meine kleine Farm: Helden der Wikinger" = Meine kleine Farm: Helden der Wikinger
"Moorhuhn Piraten" = Moorhuhn Piraten
"MostFun.com Games - Chocolatier" = MostFun.com Games - Chocolatier (remove only)
"MostFun.com Games - Diner Dash" = MostFun.com Games - Diner Dash (remove only)
"MostFun.com Games - Diner Dash 2" = MostFun.com Games - Diner Dash 2 (remove only)
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Retter in der Not" = Retter in der Not
"Riding Star 3" = Riding Star 3
"Ritter Arthur" = Ritter Arthur
"Ritter Arthur II" = Ritter Arthur II
"Ritter Arthur III" = Ritter Arthur III
"Sarah’s Ranch" = Sarah’s Ranch
"Sarah’s Ranch 2" = Sarah’s Ranch 2
"Shop for HP Supplies" = Shop for HP Supplies
"Spooky Mall" = Spooky Mall
"Spuk in der Fisch-Oase" = Spuk in der Fisch-Oase
"Storybook4" = Storybook4
"Straße des Erfolgs" = Straße des Erfolgs
"SystemRequirementsLab" = System Requirements Lab
"The Island: Castaway" = The Island: Castaway
"The Island: Castaway 2" = The Island: Castaway 2
"The Longest Journey_is1" = The Longest Journey
"Unlikely Suspects" = Unlikely Suspects
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"Youda Farmer 2: Rette das Dorf" = Youda Farmer 2: Rette das Dorf
"Youda Farmer 3: Jahreszeiten" = Youda Farmer 3: Jahreszeiten
"Youda Jewel Shop" = Youda Jewel Shop
"Youda Safari" = Youda Safari
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-397657669-3383547663-499564317-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.10.2012 14:05:34 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 68  2012-10-24  20:05:33+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Users\Wiebke\AppData\Local\Microsoft\Windows\Temporary
 Internet Files\Low\Content.IE5\5ODK100O\zN8KCgGK5Ov[1].js  
 
Error - 24.10.2012 14:05:40 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 69  2012-10-24  20:05:39+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Users\Wiebke\AppData\Local\Microsoft\Windows\Temporary
 Internet Files\Low\Content.IE5\5ODK100O\zN8KCgGK5Ov[1].js \Device\HarddiskVolume1\Users\Wiebke\AppData\Local\Microsoft\Windows\Temporary
 Internet Files\Low\Content.IE5\D5W070VR\reward[6].htm  
 
Error - 24.10.2012 14:05:56 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 70  2012-10-24  20:05:55+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Users\Wiebke\AppData\Local\Microsoft\Windows\Temporary
 Internet Files\Low\Content.IE5\5ODK100O\zN8KCgGK5Ov[1].js  
 
Error - 24.10.2012 14:06:09 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 71  2012-10-24  20:06:08+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Users\Wiebke\AppData\Local\Microsoft\Windows\Temporary
 Internet Files\Low\Content.IE5\5ODK100O\zN8KCgGK5Ov[1].js  
 
Error - 24.10.2012 14:06:23 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 72  2012-10-24  20:06:22+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Users\Wiebke\AppData\Local\Microsoft\Windows\Temporary
 Internet Files\Low\Content.IE5\5ODK100O\zN8KCgGK5Ov[1].js  
 
Error - 24.10.2012 14:06:55 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 73  2012-10-24  20:06:54+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Users\Wiebke\AppData\Local\Microsoft\Windows\Temporary
 Internet Files\Low\Content.IE5\0UBLZ8N4\hero3_sleepingdonkey.0[1].swf  
 
Error - 24.10.2012 14:07:19 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 74  2012-10-24  20:07:18+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Users\Wiebke\AppData\Local\Microsoft\Windows\Temporary
 Internet Files\Low\Content.IE5\F6G0ASAE\UnisexFace7[1].swf  
 
Error - 24.10.2012 14:07:29 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 75  2012-10-24  20:07:28+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Users\Wiebke\AppData\Local\Microsoft\Windows\Temporary
 Internet Files\Low\Content.IE5\LYEREVJ7\mummy_npc_mask[1].swf  
 
Error - 24.10.2012 14:12:54 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 76  2012-10-24  20:12:53+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Program Files\Common Files\microsoft
 shared\ink\tiptsf.dll \Device\HarddiskVolume1\Windows\System32\bcrypt.dll  
 
Error - 24.10.2012 14:14:22 | Computer Name = Wiebke-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 77  2012-10-24  20:14:21+02:00  WIEBKE-PC  Wiebke-PC\Wiebke  F-Secure
 Anti-Virus   Crash detected.    \Device\HarddiskVolume1\Program Files\Common Files\microsoft
 shared\ink\tiptsf.dll  
 
[ Media Center Events ]
Error - 08.11.2011 13:40:43 | Computer Name = Wiebke-PC | Source = MCUpdate | ID = 0
Description = 18:40:42 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die 
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)  
 
Error - 16.11.2011 08:58:38 | Computer Name = Wiebke-PC | Source = MCUpdate | ID = 0
Description = 13:58:38 - Fehler beim Herstellen der Internetverbindung.  13:58:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.01.2012 06:45:17 | Computer Name = Wiebke-PC | Source = MCUpdate | ID = 0
Description = 11:45:16 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die 
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
 konnte keine Vertrauensstellung hergestellt werden..)  
 
Error - 13.01.2012 06:46:18 | Computer Name = Wiebke-PC | Source = Microsoft-Windows-Media Center Extender | ID = 543
Description = 
 
Error - 13.01.2012 06:50:45 | Computer Name = Wiebke-PC | Source = Microsoft-Windows-Media Center Extender | ID = 543
Description = 
 
Error - 13.01.2012 06:53:04 | Computer Name = Wiebke-PC | Source = Microsoft-Windows-Media Center Extender | ID = 538
Description = 
 
Error - 13.01.2012 06:57:32 | Computer Name = Wiebke-PC | Source = Microsoft-Windows-Media Center Extender | ID = 538
Description = 
 
[ System Events ]
Error - 05.10.2012 05:11:31 | Computer Name = Wiebke-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 06.10.2012 07:46:10 | Computer Name = Wiebke-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 07.10.2012 09:13:40 | Computer Name = Wiebke-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 08.10.2012 12:34:58 | Computer Name = Wiebke-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 08.10.2012 12:35:27 | Computer Name = Wiebke-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 15.10.2012 03:59:50 | Computer Name = Wiebke-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 15.10.2012 03:59:52 | Computer Name = Wiebke-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 15.10.2012 04:13:24 | Computer Name = Wiebke-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 15.10.2012 05:55:10 | Computer Name = Wiebke-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 19.10.2012 02:30:13 | Computer Name = Wiebke-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
 (Definition 1.139.124.0)
 
 
< End of report >
         
--- --- ---


Hier Nummer zwei:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 24.10.2012 20:14:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Wiebke\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 71,68% Memory free
6,99 Gb Paging File | 5,87 Gb Available in Paging File | 83,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 35,79 Gb Free Space | 36,65% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 94,38 Gb Free Space | 96,65% Space Free | Partition Type: NTFS
Drive E: | 270,45 Gb Total Space | 160,84 Gb Free Space | 59,47% Space Free | Partition Type: NTFS
 
Computer Name: WIEBKE-PC | User Name: Wiebke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Wiebke\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\FSGK32.EXE (F-Secure Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Unitymedia\Sicherheitspaket\FWES\Program\fsdfwd.exe (F-Secure Corporation)
PRC - C:\Program Files\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
PRC - C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fsav32.exe (F-Secure Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
PRC - C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSHDLL32.EXE (F-Secure Corporation)
PRC - C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - \\?\c:\program files\unitymedia\sicherheitspaket\hips\fshook32.dll ()
MOD - C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\strres.eng ()
MOD - C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\gres.dll ()
MOD - C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\flyerres.eng ()
MOD - C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\fsavures.eng ()
MOD - C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\about.dll ()
MOD - C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\aboutres.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FSDFWD) -- C:\Program Files\Unitymedia\Sicherheitspaket\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (FSORSPClient) -- C:\Program Files\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (FSMA) -- C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (F-Secure Gatekeeper) -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys ()
DRV - (fsbts) -- C:\Windows\System32\drivers\fsbts.sys ()
DRV - (FSFW) -- C:\Windows\System32\drivers\fsdfw.sys (F-Secure Corporation)
DRV - (FSES) -- C:\Windows\System32\drivers\fses.sys (F-Secure Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (F-Secure HIPS) -- C:\Program Files\Unitymedia\Sicherheitspaket\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (F-Secure Filter) -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\Win2K\FSfilter.sys ()
DRV - (F-Secure Recognizer) -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\Win2K\FSrec.sys ()
DRV - (fsvista) -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys ()
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (AR5523) -- C:\Windows\System32\drivers\WG11TND5.sys (NETGEAR, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 B9 68 4A F2 97 CC 01  [binary data]
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
IE - HKU\S-1-5-21-397657669-3383547663-499564317-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.yahoo.de"
FF - prefs.js..extensions.enabledAddons: litmus-ff@f-secure.com:1.10
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\ITunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.11.12 14:54:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.21 12:14:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Unitymedia\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2012.10.08 06:55:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: D:\Firefox\components [2012.10.01 12:05:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: D:\Firefox\plugins [2012.08.17 06:51:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.11.12 14:54:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: D:\Firefox\components [2012.10.01 12:05:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: D:\Firefox\plugins [2012.08.17 06:51:43 | 000,000,000 | ---D | M]
 
[2011.11.11 20:38:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiebke\AppData\Roaming\mozilla\Extensions
[2012.10.24 18:58:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiebke\AppData\Roaming\mozilla\Firefox\Profiles\p8btthm6.default\extensions
[2011.11.12 17:19:08 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Wiebke\AppData\Roaming\mozilla\Firefox\Profiles\p8btthm6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.10.08 06:55:35 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:creator="(c) 2007 by F-Secure" em:description="Browsing Protection Toolbar" em:homepageURL="hxxp://www.f-secure.com/" em:iconURL="chrome://litmus-ff/skin/logo.png" em:id="litmus-ff@f-secure.com" em:name="Browsing Protection" em:updateURL="https://10.70.0.25/fireup/update.rdf" em:version="1.10">) -- C:\PROGRAM FILES\UNITYMEDIA\SICHERHEITSPAKET\NRS\LITMUS-FF@F-SECURE.COM
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = D:\Firefox\plugins\NPOFF12.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files\Battlelog Web Plugins\1.102.0\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.30.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\ITunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Wiebke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Wiebke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Wiebke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Wiebke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Unitymedia\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Unitymedia\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKU\S-1-5-21-397657669-3383547663-499564317-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKU\S-1-5-21-397657669-3383547663-499564317-1000..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-397657669-3383547663-499564317-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Wiebke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\ICQ\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\ICQ\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69349EA0-CE5F-4848-A7BC-BE0A3F8664E3}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C8DF310-0935-4B49-BEFD-B5106EEF9C91}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.11.12 13:40:06 | 000,000,000 | ---D | M] - D:\AutoRoute -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.24 19:51:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Wiebke\Desktop\OTL.exe
[2012.10.16 11:58:42 | 000,000,000 | ---D | C] -- C:\Users\Wiebke\Desktop\Movingheads
[2012.10.03 10:58:49 | 000,000,000 | ---D | C] -- C:\Users\Wiebke\AppData\Roaming\CannyGames
[2012.09.30 13:09:32 | 000,000,000 | ---D | C] -- C:\Users\Wiebke\AppData\Roaming\rondomedia
[2012.09.30 13:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\rondomedia
[2012.09.25 17:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.25 17:24:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.25 17:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.24 19:51:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wiebke\Desktop\OTL.exe
[2012.10.24 19:31:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.24 18:41:11 | 000,012,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.24 18:41:11 | 000,012,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.24 18:38:09 | 000,650,756 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.24 18:38:09 | 000,614,120 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.24 18:38:09 | 000,129,432 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.24 18:38:09 | 000,106,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.24 18:33:55 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.24 18:33:52 | 000,000,584 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2012.10.24 18:33:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.24 18:33:45 | 2815,377,408 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.10 18:42:53 | 000,455,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.09.25 17:25:15 | 000,001,449 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
 
========== Files Created - No Company Name ==========
 
[2012.09.25 17:25:15 | 000,001,449 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.07.20 15:45:55 | 000,010,495 | ---- | C] () -- C:\Users\Wiebke\Wiebke_elster_2048.pfx
[2012.07.16 09:01:25 | 000,003,109 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2012.04.26 16:24:55 | 000,044,240 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2012.02.18 21:24:57 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll
[2012.02.18 21:24:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll
[2012.01.13 12:44:17 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.01.02 13:45:51 | 000,000,140 | ---- | C] () -- C:\Users\Wiebke\AppData\Roaming\default.rss
[2011.12.20 10:47:27 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2011.11.17 21:02:14 | 002,337,865 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2011.11.13 12:06:16 | 000,000,267 | ---- | C] () -- C:\Windows\game.ini
[2011.11.12 17:17:47 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.11.12 17:17:47 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2011.11.12 14:49:09 | 000,185,125 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011.11.12 14:08:46 | 000,001,949 | ---- | C] () -- C:\Windows\eReg.dat
[2011.11.09 12:53:35 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011.10.31 19:18:41 | 000,140,072 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.10.31 19:18:41 | 000,022,328 | ---- | C] () -- C:\Users\Wiebke\AppData\Roaming\PnkBstrK.sys
[2011.10.31 19:18:10 | 000,280,904 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.10.31 19:18:09 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.10.31 18:20:14 | 000,651,264 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2011.10.31 18:20:14 | 000,192,512 | R--- | C] () -- C:\Windows\System32\AegisI5.exe
[2011.10.31 18:20:14 | 000,149,392 | ---- | C] () -- C:\Windows\System32\drivers\ar5523.bin
[2011.10.31 18:20:14 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.11.27 13:53:21 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Absolutist
[2011.11.26 17:22:08 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Alawar Entertainment
[2011.11.20 21:15:24 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\aliasworlds
[2011.12.21 00:35:15 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Artifex Mundi
[2011.12.21 13:14:25 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Awem
[2012.08.25 10:53:54 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Boolat Games
[2012.10.03 10:58:49 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\CannyGames
[2012.03.05 17:20:54 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\cerasus.media
[2011.11.10 18:58:46 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Chirurgie Simulation
[2011.11.15 19:56:12 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Colibri Games
[2012.01.03 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\DAEMON Tools Lite
[2012.04.06 19:29:56 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Deep Shadows
[2012.01.24 17:30:23 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\DVDVideoSoft
[2011.11.12 17:19:06 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.02 14:17:15 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Efficient Diary
[2012.01.03 23:02:39 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Efficient Diary Pro
[2012.07.16 12:33:10 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\elsterformular
[2012.04.06 14:04:28 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\FlyWheelGames
[2012.01.19 15:42:14 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\FreeAudioPack
[2011.11.12 17:17:46 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\FreePDF
[2011.11.15 19:10:08 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Friday's games
[2012.04.28 12:38:52 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Frogwares
[2012.02.11 13:08:35 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Gamelab
[2011.11.15 21:19:16 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Go Go Gourmet
[2011.11.15 15:52:48 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Home Sweet Home
[2012.08.17 22:09:15 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\ICQ
[2011.11.15 21:45:52 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Ladia Group
[2012.04.06 18:16:15 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\LaJangada
[2012.09.24 20:01:24 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Meridian93
[2012.02.16 23:59:31 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\MumboJumbo
[2012.04.06 19:05:38 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\My Games
[2012.04.27 19:59:57 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\MysteryStudio
[2012.04.07 18:40:15 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Nevosoft Games
[2011.11.09 14:43:05 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Origin
[2011.11.25 22:25:14 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\PathToSuccess_DE
[2012.03.02 11:37:17 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\PlayFirst
[2011.11.27 14:01:50 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\playmink
[2012.09.15 11:01:49 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Playrix Entertainment
[2012.04.06 19:03:49 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\PoBros
[2012.09.30 13:09:32 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\rondomedia
[2012.04.12 21:18:26 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Sahmon Games
[2011.11.02 18:04:18 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\TuneUp Software
[2011.11.22 15:54:47 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Wildlife Park 2
[2011.11.22 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\Wildlife Park 2 - Abenteuer auf der Ranch
[2012.08.25 10:59:05 | 000,000,000 | ---D | M] -- C:\Users\Wiebke\AppData\Roaming\YoudaGames
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.07.05 21:15:34 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.11.20 15:40:51 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.10.20 16:15:24 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.10.31 17:51:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.11.12 17:07:39 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.10.31 17:50:10 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.09.25 17:24:44 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.09.30 13:09:32 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.10.31 18:31:27 | 000,000,000 | R--D | M] -- C:\Programme
[2011.10.31 18:10:30 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.10.24 20:15:37 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.01.13 16:33:39 | 000,000,000 | R--D | M] -- C:\Users
[2012.09.25 18:22:06 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:53:46 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011.11.12 16:01:58 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.11.12 16:01:59 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.26 17:51:27 | 000,000,584 | ---- | C] () -- C:\Windows\Tasks\Scheduled scanning task.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.11.17 16:30:17 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.11.17 16:30:17 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
 
< %USERPROFILE%\*.* >
[2012.10.24 20:15:38 | 002,883,584 | -HS- | M] () -- C:\Users\Wiebke\ntuser.dat
[2012.10.24 20:15:38 | 000,262,144 | -HS- | M] () -- C:\Users\Wiebke\ntuser.dat.LOG1
[2011.10.31 18:10:36 | 000,000,000 | -HS- | M] () -- C:\Users\Wiebke\ntuser.dat.LOG2
[2011.11.03 20:26:42 | 000,065,536 | -HS- | M] () -- C:\Users\Wiebke\ntuser.dat{27ad90fc-063c-11e1-ad70-002522aa443f}.TM.blf
[2011.11.03 20:26:42 | 000,524,288 | -HS- | M] () -- C:\Users\Wiebke\ntuser.dat{27ad90fc-063c-11e1-ad70-002522aa443f}.TMContainer00000000000000000001.regtrans-ms
[2011.11.03 20:26:42 | 000,524,288 | -HS- | M] () -- C:\Users\Wiebke\ntuser.dat{27ad90fc-063c-11e1-ad70-002522aa443f}.TMContainer00000000000000000002.regtrans-ms
[2011.11.02 20:37:36 | 000,065,536 | -HS- | M] () -- C:\Users\Wiebke\ntuser.dat{3be08885-0581-11e1-8599-002522aa443f}.TM.blf
[2011.11.02 20:37:36 | 000,524,288 | -HS- | M] () -- C:\Users\Wiebke\ntuser.dat{3be08885-0581-11e1-8599-002522aa443f}.TMContainer00000000000000000001.regtrans-ms
[2011.11.02 20:37:37 | 000,524,288 | -HS- | M] () -- C:\Users\Wiebke\ntuser.dat{3be08885-0581-11e1-8599-002522aa443f}.TMContainer00000000000000000002.regtrans-ms
[2011.10.31 18:20:39 | 000,065,536 | -HS- | M] () -- C:\Users\Wiebke\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2011.10.31 18:20:39 | 000,524,288 | -HS- | M] () -- C:\Users\Wiebke\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2011.10.31 18:20:39 | 000,524,288 | -HS- | M] () -- C:\Users\Wiebke\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2011.10.31 18:10:37 | 000,000,020 | -HS- | M] () -- C:\Users\Wiebke\ntuser.ini
[2012.07.20 15:46:07 | 000,010,495 | ---- | M] () -- C:\Users\Wiebke\Wiebke_elster_2048.pfx
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 163 bytes -> C:\ProgramData\TEMP:C798CE3C
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:1EAFB522

< End of report >
         
--- --- ---
__________________

Alt 24.10.2012, 20:41   #4
markusg
/// Malware-holic
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



hiho
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 25.10.2012, 20:29   #5
LadyIceTea
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



Combofix Logfile:
Code:
ATTFilter
ComboFix 12-10-25.01 - Wiebke 25.10.2012  21:13:20.1.4 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3580.2564 [GMT 2:00]
ausgeführt von:: c:\users\Wiebke\Desktop\ComboFix.exe
AV: Unitymedia Sicherheitspaket 9.01 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Unitymedia Sicherheitspaket 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Unitymedia Sicherheitspaket 9.01 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_nvsvc
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-09-25 bis 2012-10-25  ))))))))))))))))))))))))))))))
.
.
2012-10-25 19:17 . 2012-10-25 19:17	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-10-25 19:17 . 2012-10-25 19:17	--------	d-----w-	c:\users\Mcx1-WIEBKE-PC\AppData\Local\temp
2012-10-25 19:17 . 2012-10-25 19:17	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-10-23 15:13 . 2012-10-12 05:56	6918632	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7806BE1-33E0-4971-9CDA-57AE8DC7B186}\mpengine.dll
2012-10-20 14:15 . 2012-09-24 21:16	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-10-10 16:39 . 2012-08-02 16:57	490496	----a-w-	c:\windows\system32\d3d10level9.dll
2012-10-10 16:38 . 2012-05-01 04:44	164352	----a-w-	c:\windows\system32\profsvc.dll
2012-10-10 15:46 . 2012-08-30 17:12	3914096	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-10-10 15:46 . 2012-08-30 17:12	3968880	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-10-10 15:46 . 2012-06-02 04:36	1159680	----a-w-	c:\windows\system32\crypt32.dll
2012-10-10 15:46 . 2012-06-02 04:36	140288	----a-w-	c:\windows\system32\cryptsvc.dll
2012-10-10 15:46 . 2012-06-02 04:36	103936	----a-w-	c:\windows\system32\cryptnet.dll
2012-10-10 15:46 . 2012-08-10 23:56	542208	----a-w-	c:\windows\system32\kerberos.dll
2012-10-10 15:45 . 2012-09-14 18:28	2048	----a-w-	c:\windows\system32\tzres.dll
2012-10-10 15:45 . 2012-08-24 16:57	172544	----a-w-	c:\windows\system32\wintrust.dll
2012-10-03 08:58 . 2012-10-03 08:58	--------	d-----w-	c:\users\Wiebke\AppData\Roaming\CannyGames
2012-09-30 11:09 . 2012-09-30 11:09	--------	d-----w-	c:\users\Wiebke\AppData\Roaming\rondomedia
2012-09-30 11:09 . 2012-09-30 11:09	--------	d-----w-	c:\programdata\rondomedia
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 07:55 . 2012-06-16 06:59	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-10 07:55 . 2012-06-16 06:59	696760	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-08-31 15:50 . 2012-02-16 19:09	821736	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-08-31 15:50 . 2011-11-03 16:05	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-08-24 06:59 . 2012-09-22 16:06	1800704	----a-w-	c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-22 16:06	1129472	----a-w-	c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-22 16:06	1427968	----a-w-	c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 16:06	142848	----a-w-	c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 16:06	420864	----a-w-	c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-22 16:06	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-08-22 17:16 . 2012-09-12 16:08	1292144	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-12 16:08	240496	----a-w-	c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-12 16:08	187760	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 11:01 . 2012-09-25 15:25	26840	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 11:01 . 2011-11-12 15:21	106928	----a-w-	c:\windows\system32\GEARAspi.dll
2012-08-15 13:07 . 2012-04-26 14:24	44240	----a-w-	c:\windows\system32\drivers\fsbts.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\daemon tools lite\DTLite.exe" [2011-08-02 4910912]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-17 8546848]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"F-Secure Manager"="c:\program files\Unitymedia\Sicherheitspaket\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files\Unitymedia\Sicherheitspaket\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="d:\itunes\iTunesHelper.exe" [2012-09-09 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 netr28u;RT2870-USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr28u.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files\Unitymedia\Sicherheitspaket\Anti-Virus\Win2K\FSfilter.sys [x]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Unitymedia\Sicherheitspaket\Anti-Virus\Win2K\FSrec.sys [x]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Unitymedia\Sicherheitspaket\HIPS\drivers\fshs.sys [x]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys [x]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-12 14:01]
.
2012-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-12 14:01]
.
2012-10-25 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~2\UNITYM~1\SICHER~1\ANTI-V~1\fsav.exe [2012-04-26 15:56]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\Wiebke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - d:\icq\ICQ7.7\ICQ.exe
LSP: c:\program files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{69349EA0-CE5F-4848-A7BC-BE0A3F8664E3}: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8C8DF310-0935-4B49-BEFD-B5106EEF9C91}: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\
FF - prefs.js: browser.startup.homepage - Yahoo! Deutschland
FF - ExtSQL: !HIDDEN! 2011-11-12 13:54; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Blade Runner - c:\windows\unin0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-397657669-3383547663-499564317-1000\Software\SecuROM\License information*]
"datasecu"=hex:c4,bf,d6,6d,0b,92,7c,4f,0b,2b,79,46,fd,bb,c7,9c,06,e6,92,a5,41,
   3d,ad,e8,96,8e,bd,62,56,10,83,97,6b,ef,06,17,6d,4d,b4,7e,7c,5a,3b,84,7f,e1,\
"rkeysecu"=hex:3e,33,47,e1,81,89,23,f3,9b,8b,76,35,66,b3,9e,1c
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(592)
c:\program files\unitymedia\sicherheitspaket\hips\fshook32.dll
.
- - - - - - - > 'lsass.exe'(612)
c:\program files\unitymedia\sicherheitspaket\hips\fshook32.dll
.
- - - - - - - > 'Explorer.exe'(1884)
c:\program files\unitymedia\sicherheitspaket\hips\fshook32.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe
c:\program files\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Unitymedia\Sicherheitspaket\Common\FSHDLL32.EXE
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\program files\Unitymedia\Sicherheitspaket\FWES\Program\fsdfwd.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\Unitymedia\Sicherheitspaket\Anti-Virus\FSGK32.EXE
c:\program files\Unitymedia\Sicherheitspaket\Anti-Virus\fssm32.exe
c:\program files\Unitymedia\Sicherheitspaket\Anti-Virus\fsav32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-10-25  21:24:50 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-10-25 19:24
.
Vor Suchlauf: 8 Verzeichnis(se), 38.078.779.392 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 37.678.874.624 Bytes frei
.
- - End Of File - - 3EEE9BB36000A0AEA78D0AC645FDD990
         
--- --- ---


Alt 26.10.2012, 15:27   #6
markusg
/// Malware-holic
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
--> Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!

Alt 27.10.2012, 08:54   #7
LadyIceTea
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



ich hoffe das ist das richtige..

09:52:34.0345 2532 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
09:52:35.0328 2532 ============================================================
09:52:35.0328 2532 Current date / time: 2012/10/27 09:52:35.0328
09:52:35.0328 2532 SystemInfo:
09:52:35.0328 2532
09:52:35.0328 2532 OS Version: 6.1.7601 ServicePack: 1.0
09:52:35.0328 2532 Product type: Workstation
09:52:35.0328 2532 ComputerName: WIEBKE-PC
09:52:35.0328 2532 UserName: Wiebke
09:52:35.0328 2532 Windows directory: C:\Windows
09:52:35.0328 2532 System windows directory: C:\Windows
09:52:35.0328 2532 Processor architecture: Intel x86
09:52:35.0328 2532 Number of processors: 4
09:52:35.0328 2532 Page size: 0x1000
09:52:35.0328 2532 Boot type: Normal boot
09:52:35.0328 2532 ============================================================
09:52:35.0499 2532 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:52:35.0499 2532 ============================================================
09:52:35.0499 2532 \Device\Harddisk0\DR0:
09:52:35.0499 2532 MBR partitions:
09:52:35.0499 2532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
09:52:35.0499 2532 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F2CC, BlocksNum 0xC34F2CC
09:52:35.0499 2532 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1869E598, BlocksNum 0x21CE66A9
09:52:35.0499 2532 ============================================================
09:52:35.0515 2532 C: <-> \Device\Harddisk0\DR0\Partition1
09:52:35.0546 2532 D: <-> \Device\Harddisk0\DR0\Partition2
09:52:35.0577 2532 E: <-> \Device\Harddisk0\DR0\Partition3
09:52:35.0577 2532 ============================================================
09:52:35.0577 2532 Initialize success
09:52:35.0577 2532 ============================================================
09:52:40.0226 4988 ============================================================
09:52:40.0226 4988 Scan started
09:52:40.0226 4988 Mode: Manual; SigCheck; TDLFS;
09:52:40.0226 4988 ============================================================
09:52:40.0881 4988 ================ Scan system memory ========================
09:52:40.0881 4988 System memory - ok
09:52:40.0881 4988 ================ Scan services =============================
09:52:41.0006 4988 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:52:41.0318 4988 1394ohci - ok
09:52:41.0349 4988 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:52:42.0363 4988 ACPI - ok
09:52:42.0395 4988 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:52:42.0395 4988 AcpiPmi - ok
09:52:42.0519 4988 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:52:42.0535 4988 AdobeARMservice - ok
09:52:42.0582 4988 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:52:42.0597 4988 adp94xx - ok
09:52:42.0613 4988 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:52:42.0613 4988 adpahci - ok
09:52:42.0629 4988 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:52:42.0644 4988 adpu320 - ok
09:52:42.0675 4988 [ 2C5C22990156A1063E19AD162191DC1D ] AegisP C:\Windows\system32\DRIVERS\AegisP.sys
09:52:42.0691 4988 AegisP ( UnsignedFile.Multi.Generic ) - warning
09:52:42.0691 4988 AegisP - detected UnsignedFile.Multi.Generic (1)
09:52:42.0707 4988 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:52:42.0707 4988 AeLookupSvc - ok
09:52:42.0753 4988 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
09:52:42.0769 4988 AFD - ok
09:52:42.0800 4988 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
09:52:42.0800 4988 agp440 - ok
09:52:42.0831 4988 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
09:52:42.0847 4988 aic78xx - ok
09:52:42.0878 4988 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
09:52:42.0878 4988 ALG - ok
09:52:42.0925 4988 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
09:52:42.0925 4988 aliide - ok
09:52:42.0941 4988 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:52:42.0941 4988 amdagp - ok
09:52:42.0956 4988 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
09:52:42.0956 4988 amdide - ok
09:52:42.0987 4988 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:52:42.0987 4988 AmdK8 - ok
09:52:43.0019 4988 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:52:43.0034 4988 AmdPPM - ok
09:52:43.0050 4988 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:52:43.0065 4988 amdsata - ok
09:52:43.0081 4988 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:52:43.0081 4988 amdsbs - ok
09:52:43.0097 4988 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:52:43.0112 4988 amdxata - ok
09:52:43.0143 4988 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
09:52:43.0159 4988 AppID - ok
09:52:43.0190 4988 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:52:43.0206 4988 AppIDSvc - ok
09:52:43.0237 4988 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
09:52:43.0253 4988 Appinfo - ok
09:52:43.0315 4988 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:52:43.0315 4988 Apple Mobile Device - ok
09:52:43.0377 4988 [ 92637B97F57C1669D521A54482C4579C ] AR5523 C:\Windows\system32\DRIVERS\WG11TND5.sys
09:52:43.0377 4988 AR5523 - ok
09:52:43.0393 4988 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
09:52:43.0409 4988 arc - ok
09:52:43.0424 4988 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:52:43.0424 4988 arcsas - ok
09:52:43.0455 4988 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:52:43.0471 4988 AsyncMac - ok
09:52:43.0518 4988 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
09:52:43.0518 4988 atapi - ok
09:52:43.0549 4988 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
09:52:43.0565 4988 AtiPcie - ok
09:52:43.0596 4988 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:52:43.0611 4988 AudioEndpointBuilder - ok
09:52:43.0627 4988 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:52:43.0658 4988 Audiosrv - ok
09:52:43.0799 4988 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:52:43.0799 4988 AxInstSV - ok
09:52:43.0845 4988 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
09:52:43.0845 4988 b06bdrv - ok
09:52:43.0877 4988 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
09:52:43.0892 4988 b57nd60x - ok
09:52:43.0908 4988 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
09:52:43.0923 4988 BDESVC - ok
09:52:43.0955 4988 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
09:52:43.0970 4988 Beep - ok
09:52:44.0001 4988 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
09:52:44.0033 4988 BFE - ok
09:52:44.0064 4988 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
09:52:44.0079 4988 BITS - ok
09:52:44.0095 4988 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:52:44.0111 4988 blbdrive - ok
09:52:44.0142 4988 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:52:44.0157 4988 Bonjour Service - ok
09:52:44.0189 4988 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:52:44.0189 4988 bowser - ok
09:52:44.0204 4988 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:52:44.0220 4988 BrFiltLo - ok
09:52:44.0220 4988 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:52:44.0235 4988 BrFiltUp - ok
09:52:44.0267 4988 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:52:44.0282 4988 BridgeMP - ok
09:52:44.0313 4988 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
09:52:44.0313 4988 Browser - ok
09:52:44.0329 4988 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:52:44.0329 4988 Brserid - ok
09:52:44.0345 4988 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:52:44.0345 4988 BrSerWdm - ok
09:52:44.0360 4988 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:52:44.0360 4988 BrUsbMdm - ok
09:52:44.0360 4988 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:52:44.0376 4988 BrUsbSer - ok
09:52:44.0376 4988 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:52:44.0391 4988 BTHMODEM - ok
09:52:44.0407 4988 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
09:52:44.0438 4988 bthserv - ok
09:52:44.0501 4988 catchme - ok
09:52:44.0532 4988 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:52:44.0547 4988 cdfs - ok
09:52:44.0579 4988 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
09:52:44.0579 4988 cdrom - ok
09:52:44.0610 4988 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
09:52:44.0641 4988 CertPropSvc - ok
09:52:44.0657 4988 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:52:44.0672 4988 circlass - ok
09:52:44.0703 4988 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
09:52:44.0859 4988 CLFS - ok
09:52:44.0922 4988 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:52:45.0000 4988 clr_optimization_v2.0.50727_32 - ok
09:52:45.0015 4988 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:52:45.0062 4988 CmBatt - ok
09:52:45.0093 4988 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:52:45.0140 4988 cmdide - ok
09:52:45.0171 4988 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
09:52:45.0218 4988 CNG - ok
09:52:45.0234 4988 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:52:45.0265 4988 Compbatt - ok
09:52:45.0296 4988 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:52:45.0312 4988 CompositeBus - ok
09:52:45.0327 4988 COMSysApp - ok
09:52:45.0343 4988 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:52:45.0359 4988 crcdisk - ok
09:52:45.0421 4988 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:52:45.0437 4988 CryptSvc - ok
09:52:45.0468 4988 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
09:52:45.0515 4988 DcomLaunch - ok
09:52:45.0546 4988 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
09:52:45.0577 4988 defragsvc - ok
09:52:45.0608 4988 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:52:45.0655 4988 DfsC - ok
09:52:45.0702 4988 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:52:45.0749 4988 Dhcp - ok
09:52:45.0764 4988 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
09:52:45.0811 4988 discache - ok
09:52:45.0842 4988 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:52:45.0873 4988 Disk - ok
09:52:45.0889 4988 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:52:45.0920 4988 Dnscache - ok
09:52:45.0951 4988 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
09:52:45.0983 4988 dot3svc - ok
09:52:46.0029 4988 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
09:52:46.0123 4988 Dot4 - ok
09:52:46.0154 4988 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:52:46.0185 4988 Dot4Print - ok
09:52:46.0201 4988 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
09:52:46.0263 4988 dot4usb - ok
09:52:46.0295 4988 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
09:52:46.0326 4988 DPS - ok
09:52:46.0357 4988 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:52:46.0388 4988 drmkaud - ok
09:52:46.0435 4988 [ C0C7CECCB6C85994C2BC92D58E52D3F2 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
09:52:46.0497 4988 dtsoftbus01 - ok
09:52:46.0529 4988 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:52:46.0607 4988 DXGKrnl - ok
09:52:46.0669 4988 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
09:52:46.0763 4988 EapHost - ok
09:52:46.0872 4988 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
09:52:46.0950 4988 ebdrv - ok
09:52:46.0981 4988 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
09:52:46.0997 4988 EFS - ok
09:52:47.0059 4988 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:52:47.0137 4988 ehRecvr - ok
09:52:47.0153 4988 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
09:52:47.0184 4988 ehSched - ok
09:52:47.0215 4988 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:52:47.0262 4988 elxstor - ok
09:52:47.0262 4988 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:52:47.0293 4988 ErrDev - ok
09:52:47.0340 4988 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
09:52:47.0387 4988 EventSystem - ok
09:52:47.0402 4988 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
09:52:47.0449 4988 exfat - ok
09:52:47.0527 4988 [ D4980588ED87F8BB16BE43DDD0FBD5FE ] F-Secure Filter C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\Win2K\FSfilter.sys
09:52:47.0574 4988 F-Secure Filter - ok
09:52:47.0621 4988 [ DC2FFA1CE9841C12DBC038B24FF17FF0 ] F-Secure Gatekeeper C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys
09:52:47.0683 4988 F-Secure Gatekeeper - ok
09:52:47.0745 4988 [ A9BE66E05254B20DF82E0F7CDDECA7DD ] F-Secure Gatekeeper Handler Starter C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe
09:52:47.0808 4988 F-Secure Gatekeeper Handler Starter - ok
09:52:47.0855 4988 [ F5ACA65237C7511D5803CDC5E7003D75 ] F-Secure HIPS C:\Program Files\Unitymedia\Sicherheitspaket\HIPS\drivers\fshs.sys
09:52:47.0901 4988 F-Secure HIPS - ok
09:52:47.0917 4988 [ 6CE1195511533C9359F91A9E63792F5E ] F-Secure Recognizer C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\Win2K\FSrec.sys
09:52:47.0933 4988 F-Secure Recognizer - ok
09:52:47.0964 4988 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:52:48.0011 4988 fastfat - ok
09:52:48.0042 4988 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
09:52:48.0089 4988 Fax - ok
09:52:48.0120 4988 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:52:48.0135 4988 fdc - ok
09:52:48.0167 4988 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
09:52:48.0276 4988 fdPHost - ok
09:52:48.0291 4988 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
09:52:48.0323 4988 FDResPub - ok
09:52:48.0354 4988 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:52:48.0369 4988 FileInfo - ok
09:52:48.0385 4988 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:52:48.0463 4988 Filetrace - ok
09:52:48.0463 4988 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:52:48.0479 4988 flpydisk - ok
09:52:48.0494 4988 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:52:48.0541 4988 FltMgr - ok
09:52:48.0572 4988 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
09:52:48.0666 4988 FontCache - ok
09:52:48.0728 4988 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:52:48.0791 4988 FontCache3.0.0.0 - ok
09:52:48.0853 4988 [ 18DA737DD5122A475DA4948ED4643675 ] fsbts C:\Windows\system32\Drivers\fsbts.sys
09:52:48.0915 4988 fsbts - ok
09:52:48.0931 4988 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:52:48.0962 4988 FsDepends - ok
09:52:49.0040 4988 [ 8E0BF7478CC3BAED48282ADBC97ADAFB ] FSDFWD C:\Program Files\Unitymedia\Sicherheitspaket\FWES\Program\fsdfwd.exe
09:52:49.0118 4988 FSDFWD - ok
09:52:49.0149 4988 [ 2BFFAE1318CE3D9847A8D61B3726E54E ] FSES C:\Windows\system32\drivers\fses.sys
09:52:49.0165 4988 FSES - ok
09:52:49.0181 4988 [ 73E6E711455491DA6EBBAF9603E96323 ] FSFW C:\Windows\system32\drivers\fsdfw.sys
09:52:49.0212 4988 FSFW - ok
09:52:49.0259 4988 [ 392E85687A902239C01BADDF212B1A36 ] FSMA C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE
09:52:49.0337 4988 FSMA - ok
09:52:49.0368 4988 [ 42AEF6A385354ACA65FC210CE7CE4D7C ] FSORSPClient C:\Program Files\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe
09:52:49.0430 4988 FSORSPClient - ok
09:52:49.0446 4988 [ F4A1769BD7A3F073C492663E6A7DECD1 ] fsvista C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys
09:52:49.0461 4988 fsvista - ok
09:52:49.0493 4988 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:52:49.0508 4988 Fs_Rec - ok
09:52:49.0555 4988 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:52:49.0633 4988 fvevol - ok
09:52:49.0664 4988 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:52:49.0695 4988 gagp30kx - ok
09:52:49.0742 4988 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:52:49.0789 4988 GEARAspiWDM - ok
09:52:49.0820 4988 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
09:52:49.0898 4988 gpsvc - ok
09:52:49.0992 4988 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:52:50.0070 4988 gupdate - ok
09:52:50.0101 4988 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:52:50.0132 4988 gupdatem - ok
09:52:50.0132 4988 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:52:50.0163 4988 hcw85cir - ok
09:52:50.0210 4988 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:52:50.0288 4988 HdAudAddService - ok
09:52:50.0319 4988 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:52:50.0351 4988 HDAudBus - ok
09:52:50.0366 4988 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:52:50.0397 4988 HidBatt - ok
09:52:50.0397 4988 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:52:50.0429 4988 HidBth - ok
09:52:50.0444 4988 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:52:50.0460 4988 HidIr - ok
09:52:50.0491 4988 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
09:52:50.0522 4988 hidserv - ok
09:52:50.0538 4988 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:52:50.0569 4988 HidUsb - ok
09:52:50.0585 4988 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:52:50.0616 4988 hkmsvc - ok
09:52:50.0647 4988 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:52:50.0990 4988 HomeGroupListener - ok
09:52:51.0021 4988 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:52:51.0053 4988 HomeGroupProvider - ok
09:52:51.0193 4988 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
09:52:51.0287 4988 hpqcxs08 - ok
09:52:51.0318 4988 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
09:52:51.0349 4988 hpqddsvc - ok
09:52:51.0380 4988 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:52:51.0411 4988 HpSAMD - ok
09:52:51.0458 4988 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:52:51.0567 4988 HTTP - ok
09:52:51.0599 4988 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:52:51.0614 4988 hwpolicy - ok
09:52:51.0661 4988 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:52:51.0692 4988 i8042prt - ok
09:52:51.0708 4988 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:52:51.0739 4988 iaStorV - ok
09:52:51.0833 4988 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
09:52:51.0911 4988 IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:52:51.0911 4988 IDriverT - detected UnsignedFile.Multi.Generic (1)
09:52:51.0957 4988 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:52:52.0004 4988 idsvc - ok
09:52:52.0035 4988 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:52:52.0051 4988 iirsp - ok
09:52:52.0113 4988 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
09:52:52.0191 4988 IKEEXT - ok
09:52:52.0301 4988 [ 2A4EB3167A071A67D3F56E94663544EC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:52:52.0425 4988 IntcAzAudAddService - ok
09:52:52.0457 4988 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
09:52:52.0472 4988 intelide - ok
09:52:52.0503 4988 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:52:52.0519 4988 intelppm - ok
09:52:52.0550 4988 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:52:52.0613 4988 IPBusEnum - ok
09:52:52.0644 4988 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:52:52.0675 4988 IpFilterDriver - ok
09:52:52.0737 4988 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:52:52.0831 4988 iphlpsvc - ok
09:52:52.0862 4988 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:52:52.0909 4988 IPMIDRV - ok
09:52:52.0909 4988 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:52:52.0956 4988 IPNAT - ok
09:52:53.0018 4988 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:52:53.0096 4988 iPod Service - ok
09:52:53.0143 4988 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:52:53.0190 4988 IRENUM - ok
09:52:53.0205 4988 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:52:53.0237 4988 isapnp - ok
09:52:53.0252 4988 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:52:53.0283 4988 iScsiPrt - ok
09:52:53.0315 4988 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:52:53.0346 4988 kbdclass - ok
09:52:53.0393 4988 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:52:53.0455 4988 kbdhid - ok
09:52:53.0486 4988 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
09:52:53.0517 4988 KeyIso - ok
09:52:53.0549 4988 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:52:53.0564 4988 KSecDD - ok
09:52:53.0595 4988 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:52:53.0611 4988 KSecPkg - ok
09:52:53.0658 4988 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
09:52:53.0689 4988 KtmRm - ok
09:52:53.0736 4988 [ 1A91EAAD2D73758140B3B7B6AD736573 ] L1C C:\Windows\system32\DRIVERS\L1C62x86.sys
09:52:53.0783 4988 L1C - ok
09:52:53.0814 4988 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
09:52:53.0892 4988 LanmanServer - ok
09:52:53.0907 4988 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:52:53.0939 4988 LanmanWorkstation - ok
09:52:53.0985 4988 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:52:54.0048 4988 lltdio - ok
09:52:54.0063 4988 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:52:54.0110 4988 lltdsvc - ok
09:52:54.0126 4988 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
09:52:54.0157 4988 lmhosts - ok
09:52:54.0188 4988 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:52:54.0219 4988 LSI_FC - ok
09:52:54.0235 4988 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:52:54.0251 4988 LSI_SAS - ok
09:52:54.0266 4988 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:52:54.0297 4988 LSI_SAS2 - ok
09:52:54.0313 4988 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:52:54.0329 4988 LSI_SCSI - ok
09:52:54.0344 4988 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
09:52:54.0391 4988 luafv - ok
09:52:54.0422 4988 [ 144011D14BD35F4E36136AE057B1AADD ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
09:52:54.0485 4988 LUsbFilt - ok
09:52:54.0516 4988 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:52:54.0563 4988 Mcx2Svc - ok
09:52:54.0578 4988 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:52:54.0609 4988 megasas - ok
09:52:54.0625 4988 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:52:54.0656 4988 MegaSR - ok
09:52:54.0734 4988 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:52:54.0812 4988 Microsoft Office Groove Audit Service - ok
09:52:54.0828 4988 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
09:52:54.0859 4988 MMCSS - ok
09:52:54.0875 4988 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
09:52:54.0921 4988 Modem - ok
09:52:54.0953 4988 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:52:54.0968 4988 monitor - ok
09:52:55.0015 4988 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:52:55.0046 4988 mouclass - ok
09:52:55.0077 4988 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:52:55.0093 4988 mouhid - ok
09:52:55.0124 4988 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:52:55.0155 4988 mountmgr - ok
09:52:55.0171 4988 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
09:52:55.0202 4988 mpio - ok
09:52:55.0218 4988 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:52:55.0249 4988 mpsdrv - ok
09:52:55.0265 4988 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:52:55.0311 4988 MpsSvc - ok
09:52:55.0327 4988 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:52:55.0358 4988 MRxDAV - ok
09:52:55.0389 4988 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:52:55.0421 4988 mrxsmb - ok
09:52:55.0436 4988 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:52:55.0467 4988 mrxsmb10 - ok
09:52:55.0499 4988 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:52:55.0545 4988 mrxsmb20 - ok
09:52:55.0592 4988 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
09:52:55.0639 4988 msahci - ok
09:52:55.0655 4988 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:52:55.0686 4988 msdsm - ok
09:52:55.0701 4988 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
09:52:55.0733 4988 MSDTC - ok
09:52:55.0748 4988 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:52:55.0795 4988 Msfs - ok
09:52:55.0795 4988 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:52:55.0826 4988 mshidkmdf - ok
09:52:55.0857 4988 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:52:55.0920 4988 msisadrv - ok
09:52:55.0951 4988 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:52:56.0013 4988 MSiSCSI - ok
09:52:56.0013 4988 msiserver - ok
09:52:56.0045 4988 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:52:56.0076 4988 MSKSSRV - ok
09:52:56.0107 4988 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:52:56.0138 4988 MSPCLOCK - ok
09:52:56.0138 4988 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:52:56.0169 4988 MSPQM - ok
09:52:56.0185 4988 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:52:56.0201 4988 MsRPC - ok
09:52:56.0216 4988 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:52:56.0232 4988 mssmbios - ok
09:52:56.0247 4988 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:52:56.0279 4988 MSTEE - ok
09:52:56.0279 4988 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:52:56.0294 4988 MTConfig - ok
09:52:56.0310 4988 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
09:52:56.0341 4988 Mup - ok
09:52:56.0372 4988 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
09:52:56.0466 4988 napagent - ok
09:52:56.0497 4988 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:52:56.0575 4988 NativeWifiP - ok
09:52:56.0622 4988 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:52:56.0715 4988 NDIS - ok
09:52:56.0747 4988 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:52:56.0778 4988 NdisCap - ok
09:52:56.0825 4988 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:52:57.0012 4988 NdisTapi - ok
09:52:57.0090 4988 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:52:57.0152 4988 Ndisuio - ok
09:52:57.0183 4988 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:52:57.0215 4988 NdisWan - ok
09:52:57.0230 4988 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:52:57.0261 4988 NDProxy - ok
09:52:57.0355 4988 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
09:52:57.0449 4988 Nero BackItUp Scheduler 4.0 - ok
09:52:57.0527 4988 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:52:57.0558 4988 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:52:57.0558 4988 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:52:57.0589 4988 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:52:57.0620 4988 NetBIOS - ok
09:52:57.0651 4988 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:52:57.0698 4988 NetBT - ok
09:52:57.0714 4988 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
09:52:57.0729 4988 Netlogon - ok
09:52:57.0761 4988 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
09:52:57.0807 4988 Netman - ok
09:52:57.0823 4988 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
09:52:57.0870 4988 netprofm - ok
09:52:57.0917 4988 [ 27EE4B406E2F26F6117A9A420BD4CB65 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
09:52:57.0995 4988 netr28u - ok
09:52:58.0026 4988 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:52:58.0041 4988 NetTcpPortSharing - ok
09:52:58.0088 4988 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:52:58.0135 4988 nfrd960 - ok
09:52:58.0166 4988 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:52:58.0229 4988 NlaSvc - ok
09:52:58.0244 4988 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:52:58.0275 4988 Npfs - ok
09:52:58.0291 4988 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
09:52:58.0322 4988 nsi - ok
09:52:58.0322 4988 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:52:58.0353 4988 nsiproxy - ok
09:52:58.0431 4988 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:52:58.0509 4988 Ntfs - ok
09:52:58.0541 4988 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
09:52:58.0556 4988 Null - ok
09:52:58.0603 4988 [ 93C0F383B39B1F5FE7203E3270D4CF52 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
09:52:58.0681 4988 NVHDA - ok
09:52:58.0868 4988 [ F452E6AD3EDA2852F44BE492E283C40F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:52:59.0133 4988 nvlddmkm - ok
09:52:59.0180 4988 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:52:59.0211 4988 nvraid - ok
09:52:59.0227 4988 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:52:59.0258 4988 nvstor - ok
09:52:59.0367 4988 [ 003CB0A155568B4A53A301F07C734233 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
09:52:59.0539 4988 nvUpdatusService - ok
09:52:59.0555 4988 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:52:59.0586 4988 nv_agp - ok
09:52:59.0664 4988 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:52:59.0757 4988 odserv - ok
09:52:59.0789 4988 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:52:59.0851 4988 ohci1394 - ok
09:52:59.0867 4988 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:52:59.0945 4988 ose - ok
09:52:59.0976 4988 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:53:00.0007 4988 p2pimsvc - ok
09:53:00.0054 4988 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
09:53:00.0085 4988 p2psvc - ok
09:53:00.0116 4988 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:53:00.0132 4988 Parport - ok
09:53:00.0147 4988 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:53:00.0179 4988 partmgr - ok
09:53:00.0194 4988 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
09:53:00.0210 4988 Parvdm - ok
09:53:00.0225 4988 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:53:00.0257 4988 PcaSvc - ok
09:53:00.0288 4988 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
09:53:00.0319 4988 pci - ok
09:53:00.0319 4988 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
09:53:00.0350 4988 pciide - ok
09:53:00.0350 4988 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:53:00.0381 4988 pcmcia - ok
09:53:00.0397 4988 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
09:53:00.0413 4988 pcw - ok
09:53:00.0428 4988 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:53:00.0475 4988 PEAUTH - ok
09:53:00.0537 4988 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
09:53:00.0584 4988 pla - ok
09:53:00.0631 4988 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:53:00.0662 4988 PlugPlay - ok
09:53:00.0709 4988 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:53:00.0756 4988 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:53:00.0756 4988 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:53:00.0818 4988 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
09:53:00.0912 4988 PnkBstrA - ok
09:53:00.0943 4988 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:53:00.0959 4988 PNRPAutoReg - ok
09:53:00.0990 4988 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:53:01.0005 4988 PNRPsvc - ok
09:53:01.0037 4988 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:53:01.0083 4988 PolicyAgent - ok
09:53:01.0115 4988 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
09:53:01.0146 4988 Power - ok
09:53:01.0193 4988 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:53:01.0224 4988 PptpMiniport - ok
09:53:01.0255 4988 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:53:01.0271 4988 Processor - ok
09:53:01.0302 4988 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
09:53:01.0317 4988 ProfSvc - ok
09:53:01.0349 4988 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:53:01.0364 4988 ProtectedStorage - ok
09:53:01.0395 4988 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:53:01.0427 4988 Psched - ok
09:53:01.0473 4988 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:53:01.0520 4988 ql2300 - ok
09:53:01.0551 4988 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:53:01.0583 4988 ql40xx - ok
09:53:01.0614 4988 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
09:53:01.0629 4988 QWAVE - ok
09:53:01.0661 4988 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:53:01.0676 4988 QWAVEdrv - ok
09:53:01.0707 4988 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:53:01.0739 4988 RasAcd - ok
09:53:01.0785 4988 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:53:01.0863 4988 RasAgileVpn - ok
09:53:01.0879 4988 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
09:53:01.0910 4988 RasAuto - ok
09:53:01.0941 4988 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:53:01.0973 4988 Rasl2tp - ok
09:53:02.0004 4988 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
09:53:02.0051 4988 RasMan - ok
09:53:02.0066 4988 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:53:02.0113 4988 RasPppoe - ok
09:53:02.0160 4988 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:53:02.0207 4988 RasSstp - ok
09:53:02.0316 4988 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:53:02.0409 4988 rdbss - ok
09:53:02.0441 4988 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:53:02.0456 4988 rdpbus - ok
09:53:02.0487 4988 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:53:02.0519 4988 RDPCDD - ok
09:53:02.0550 4988 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:53:02.0565 4988 RDPENCDD - ok
09:53:02.0581 4988 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:53:02.0612 4988 RDPREFMP - ok
09:53:02.0659 4988 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:53:02.0675 4988 RDPWD - ok
09:53:02.0721 4988 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:53:02.0784 4988 rdyboost - ok
09:53:02.0815 4988 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
09:53:02.0862 4988 RemoteAccess - ok
09:53:02.0877 4988 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:53:02.0909 4988 RemoteRegistry - ok
09:53:02.0924 4988 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:53:02.0955 4988 RpcEptMapper - ok
09:53:02.0987 4988 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
09:53:03.0002 4988 RpcLocator - ok
09:53:03.0033 4988 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
09:53:03.0080 4988 RpcSs - ok
09:53:03.0111 4988 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:53:03.0189 4988 rspndr - ok
09:53:03.0205 4988 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
09:53:03.0221 4988 SamSs - ok
09:53:03.0267 4988 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:53:03.0299 4988 sbp2port - ok
09:53:03.0314 4988 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:53:03.0345 4988 SCardSvr - ok
09:53:03.0361 4988 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:53:03.0392 4988 scfilter - ok
09:53:03.0423 4988 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
09:53:03.0470 4988 Schedule - ok
09:53:03.0501 4988 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:53:03.0579 4988 SCPolicySvc - ok
09:53:03.0611 4988 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:53:03.0626 4988 SDRSVC - ok
09:53:03.0689 4988 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:53:03.0751 4988 secdrv - ok
09:53:03.0767 4988 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
09:53:03.0798 4988 seclogon - ok
09:53:03.0829 4988 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
09:53:03.0860 4988 SENS - ok
09:53:03.0860 4988 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:53:03.0891 4988 SensrSvc - ok
09:53:03.0923 4988 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:53:03.0938 4988 Serenum - ok
09:53:03.0985 4988 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:53:04.0016 4988 Serial - ok
09:53:04.0032 4988 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:53:04.0063 4988 sermouse - ok
09:53:04.0094 4988 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
09:53:04.0125 4988 SessionEnv - ok
09:53:04.0157 4988 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:53:04.0172 4988 sffdisk - ok
09:53:04.0203 4988 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:53:04.0219 4988 sffp_mmc - ok
09:53:04.0235 4988 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:53:04.0250 4988 sffp_sd - ok
09:53:04.0297 4988 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:53:04.0344 4988 sfloppy - ok
09:53:04.0375 4988 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:53:04.0422 4988 SharedAccess - ok
09:53:04.0437 4988 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:53:04.0484 4988 ShellHWDetection - ok
09:53:04.0500 4988 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:53:04.0531 4988 sisagp - ok
09:53:04.0562 4988 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:53:04.0578 4988 SiSRaid2 - ok
09:53:04.0593 4988 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:53:04.0609 4988 SiSRaid4 - ok
09:53:04.0640 4988 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:53:04.0671 4988 Smb - ok
09:53:04.0718 4988 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:53:04.0781 4988 SNMPTRAP - ok
09:53:04.0781 4988 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
09:53:04.0812 4988 spldr - ok
09:53:04.0859 4988 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
09:53:04.0890 4988 Spooler - ok
09:53:04.0983 4988 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
09:53:05.0155 4988 sppsvc - ok
09:53:05.0186 4988 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:53:05.0217 4988 sppuinotify - ok
09:53:05.0264 4988 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:53:05.0342 4988 srv - ok
09:53:05.0358 4988 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:53:05.0405 4988 srv2 - ok
09:53:05.0436 4988 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:53:05.0467 4988 srvnet - ok
09:53:05.0483 4988 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:53:05.0529 4988 SSDPSRV - ok
09:53:05.0545 4988 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:53:05.0576 4988 SstpSvc - ok
09:53:05.0607 4988 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:53:05.0623 4988 stexstor - ok
09:53:05.0670 4988 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
09:53:05.0717 4988 StiSvc - ok
09:53:05.0748 4988 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
09:53:05.0810 4988 swenum - ok
09:53:05.0826 4988 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
09:53:05.0873 4988 swprv - ok
09:53:05.0919 4988 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
09:53:05.0997 4988 SysMain - ok
09:53:06.0029 4988 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:53:06.0060 4988 TabletInputService - ok
09:53:06.0091 4988 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
09:53:06.0122 4988 TapiSrv - ok
09:53:06.0153 4988 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
09:53:06.0185 4988 TBS - ok
09:53:06.0231 4988 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:53:06.0294 4988 Tcpip - ok
09:53:06.0325 4988 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:53:06.0372 4988 TCPIP6 - ok
09:53:06.0403 4988 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:53:06.0497 4988 tcpipreg - ok
09:53:06.0528 4988 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:53:06.0559 4988 TDPIPE - ok
09:53:06.0590 4988 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:53:06.0606 4988 TDTCP - ok
09:53:06.0653 4988 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:53:06.0684 4988 tdx - ok
09:53:06.0699 4988 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:53:06.0715 4988 TermDD - ok
09:53:06.0762 4988 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
09:53:06.0809 4988 TermService - ok
09:53:06.0824 4988 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
09:53:06.0840 4988 Themes - ok
09:53:06.0855 4988 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
09:53:06.0887 4988 THREADORDER - ok
09:53:06.0902 4988 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
09:53:06.0933 4988 TrkWks - ok
09:53:06.0980 4988 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:53:07.0011 4988 TrustedInstaller - ok
09:53:07.0027 4988 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:53:07.0058 4988 tssecsrv - ok
09:53:07.0105 4988 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:53:07.0183 4988 TsUsbFlt - ok
09:53:07.0214 4988 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:53:07.0245 4988 tunnel - ok
09:53:07.0277 4988 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:53:07.0386 4988 uagp35 - ok
09:53:07.0401 4988 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:53:07.0479 4988 udfs - ok
09:53:07.0495 4988 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:53:07.0526 4988 UI0Detect - ok
09:53:07.0557 4988 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:53:07.0620 4988 uliagpkx - ok
09:53:07.0651 4988 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:53:07.0682 4988 umbus - ok
09:53:07.0713 4988 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:53:07.0729 4988 UmPass - ok
09:53:07.0776 4988 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
09:53:07.0823 4988 upnphost - ok
09:53:07.0854 4988 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
09:53:07.0885 4988 USBAAPL - ok
09:53:07.0885 4988 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:53:07.0916 4988 usbccgp - ok
09:53:07.0947 4988 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:53:07.0963 4988 usbcir - ok
09:53:07.0994 4988 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:53:08.0010 4988 usbehci - ok
09:53:08.0057 4988 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:53:08.0119 4988 usbhub - ok
09:53:08.0135 4988 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
09:53:08.0150 4988 usbohci - ok
09:53:08.0197 4988 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:53:08.0244 4988 usbprint - ok
09:53:08.0275 4988 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:53:08.0291 4988 usbscan - ok
09:53:08.0306 4988 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:53:08.0337 4988 USBSTOR - ok
09:53:08.0353 4988 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:53:08.0369 4988 usbuhci - ok
09:53:08.0400 4988 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
09:53:08.0462 4988 UxSms - ok
09:53:08.0462 4988 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
09:53:08.0493 4988 VaultSvc - ok
09:53:08.0525 4988 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:53:08.0603 4988 vdrvroot - ok
09:53:08.0634 4988 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
09:53:08.0696 4988 vds - ok
09:53:08.0727 4988 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:53:08.0743 4988 vga - ok
09:53:08.0759 4988 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:53:08.0790 4988 VgaSave - ok
09:53:08.0821 4988 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:53:08.0852 4988 vhdmp - ok
09:53:08.0868 4988 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:53:08.0883 4988 viaagp - ok
09:53:08.0899 4988 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
09:53:08.0930 4988 ViaC7 - ok
09:53:08.0961 4988 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
09:53:09.0024 4988 viaide - ok
09:53:09.0039 4988 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:53:09.0071 4988 volmgr - ok
09:53:09.0102 4988 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:53:09.0149 4988 volmgrx - ok
09:53:09.0164 4988 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:53:09.0195 4988 volsnap - ok
09:53:09.0227 4988 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:53:09.0258 4988 vsmraid - ok
09:53:09.0289 4988 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
09:53:09.0351 4988 VSS - ok
09:53:09.0367 4988 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:53:09.0398 4988 vwifibus - ok
09:53:09.0429 4988 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:53:09.0461 4988 vwififlt - ok
09:53:09.0492 4988 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
09:53:09.0585 4988 W32Time - ok
09:53:09.0601 4988 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:53:09.0617 4988 WacomPen - ok
09:53:09.0679 4988 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:53:09.0773 4988 WANARP - ok
09:53:09.0773 4988 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:53:09.0804 4988 Wanarpv6 - ok
09:53:09.0835 4988 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
09:53:09.0882 4988 wbengine - ok
09:53:09.0913 4988 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:53:09.0944 4988 WbioSrvc - ok
09:53:09.0975 4988 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:53:10.0053 4988 wcncsvc - ok
09:53:10.0069 4988 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:53:10.0116 4988 WcsPlugInService - ok
09:53:10.0116 4988 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:53:10.0147 4988 Wd - ok
09:53:10.0163 4988 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:53:10.0209 4988 Wdf01000 - ok
09:53:10.0225 4988 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:53:10.0241 4988 WdiServiceHost - ok
09:53:10.0241 4988 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:53:10.0272 4988 WdiSystemHost - ok
09:53:10.0303 4988 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
09:53:10.0334 4988 WebClient - ok
09:53:10.0350 4988 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:53:10.0397 4988 Wecsvc - ok
09:53:10.0412 4988 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:53:10.0443 4988 wercplsupport - ok
09:53:10.0475 4988 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
09:53:10.0506 4988 WerSvc - ok
09:53:10.0537 4988 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:53:10.0568 4988 WfpLwf - ok
09:53:10.0599 4988 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:53:10.0615 4988 WIMMount - ok
09:53:10.0677 4988 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:53:10.0755 4988 WinDefend - ok
09:53:10.0771 4988 WinHttpAutoProxySvc - ok
09:53:10.0802 4988 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:53:10.0896 4988 Winmgmt - ok
09:53:10.0927 4988 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
09:53:10.0974 4988 WinRM - ok
09:53:11.0021 4988 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:53:11.0052 4988 WinUsb - ok
09:53:11.0083 4988 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:53:11.0130 4988 Wlansvc - ok
09:53:11.0177 4988 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:53:11.0208 4988 WmiAcpi - ok
09:53:11.0239 4988 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:53:11.0270 4988 wmiApSrv - ok
09:53:11.0301 4988 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:53:11.0379 4988 WMPNetworkSvc - ok
09:53:11.0395 4988 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:53:11.0426 4988 WPCSvc - ok
09:53:11.0457 4988 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:53:11.0473 4988 WPDBusEnum - ok
09:53:11.0504 4988 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:53:11.0535 4988 ws2ifsl - ok
09:53:11.0551 4988 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
09:53:11.0582 4988 wscsvc - ok
09:53:11.0582 4988 WSearch - ok
09:53:11.0629 4988 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
09:53:11.0707 4988 wuauserv - ok
09:53:11.0754 4988 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:53:11.0816 4988 WudfPf - ok
09:53:11.0863 4988 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:53:11.0941 4988 WUDFRd - ok
09:53:11.0972 4988 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:53:12.0050 4988 wudfsvc - ok
09:53:12.0066 4988 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
09:53:12.0081 4988 WwanSvc - ok
09:53:12.0113 4988 ================ Scan global ===============================
09:53:12.0128 4988 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
09:53:12.0159 4988 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
09:53:12.0191 4988 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
09:53:12.0222 4988 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
09:53:12.0253 4988 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
09:53:12.0269 4988 [Global] - ok
09:53:12.0269 4988 ================ Scan MBR ==================================
09:53:12.0269 4988 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:53:12.0830 4988 \Device\Harddisk0\DR0 - ok
09:53:12.0830 4988 ================ Scan VBR ==================================
09:53:12.0830 4988 [ 7074C6F82C98D1FD506206A5F88B85FF ] \Device\Harddisk0\DR0\Partition1
09:53:12.0846 4988 \Device\Harddisk0\DR0\Partition1 - ok
09:53:12.0877 4988 [ 102B3F5535ADD4689E401CA71A62D746 ] \Device\Harddisk0\DR0\Partition2
09:53:12.0877 4988 \Device\Harddisk0\DR0\Partition2 - ok
09:53:12.0893 4988 [ 8E6C1F19509E3B9EBA596778DD844C8C ] \Device\Harddisk0\DR0\Partition3
09:53:12.0893 4988 \Device\Harddisk0\DR0\Partition3 - ok
09:53:12.0893 4988 ============================================================
09:53:12.0893 4988 Scan finished
09:53:12.0893 4988 ============================================================
09:53:12.0908 5084 Detected object count: 4
09:53:12.0908 5084 Actual detected object count: 4
09:53:20.0802 5084 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:20.0802 5084 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:20.0817 5084 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:20.0817 5084 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:20.0817 5084 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:20.0817 5084 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:53:20.0817 5084 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:53:20.0817 5084 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 29.10.2012, 18:56   #8
markusg
/// Malware-holic
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



gibts im moment noch probleme?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 29.10.2012, 19:51   #9
LadyIceTea
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



Ja immer noch die gleichen wie zuvor.
Also, dass das kleine Fenster immer ganz kurz aufpoppt und ich denke mit dem Virenscan hat sich auch nicht geändert.

Alt 29.10.2012, 21:00   #10
markusg
/// Malware-holic
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



hi
öffne mal computer, rechtsklick c:
eigenschaften, tools, datenträgerüberprüfung, beide haken setzen.
starten, evtl. pc neustarten falls gefordert, und durchlaufen lassen, evtl. vorhandene fehler posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 30.10.2012, 07:33   #11
LadyIceTea
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



Hey..hab das mal gemacht. Aber Fehlermeldungen waren glaub ich keine

Alt 31.10.2012, 17:06   #12
markusg
/// Malware-holic
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



hi
lad mal hitman pro
http://www.trojaner-board.de/99424-c...o-scannen.html
doppelklicken, license, testlicense
dann auf scan.
am ende nichts löschen, auf results klicken, und auf xml exportieren wählen und hier anhängen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 31.10.2012, 18:12   #13
LadyIceTea
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



Code:
ATTFilter
HitmanPro 3.6.2.173
www.hitmanpro.com

   Computer name . . . . : WIEBKE-PC
   Windows . . . . . . . : 6.1.1.7601.X86/4
   User name . . . . . . : Wiebke-PC\Wiebke
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2012-10-31 18:06:07
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 39s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 72

   Objects scanned . . . : 1.330.364
   Files scanned . . . . : 47.822
   Remnants scanned  . . : 445.191 files / 837.351 keys

Suspicious files ____________________________________________________________

   C:\Users\Wiebke\AppData\Local\PunkBuster\BC2\pb\dll\wc002277.dll
      Size . . . . . . . : 960.138 bytes
      Age  . . . . . . . : 357.1 days (2011-11-09 16:22:55)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 70053EEA7AC3C1427D779B3F258A13CF74B02980DCDDEFBC24B341CFFA1E4AA2
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Wiebke\AppData\Local\PunkBuster\BC2\pb\pbcl.dll
      Size . . . . . . . : 960.138 bytes
      Age  . . . . . . . : 357.1 days (2011-11-09 16:22:55)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 70053EEA7AC3C1427D779B3F258A13CF74B02980DCDDEFBC24B341CFFA1E4AA2
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Wiebke\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
      Size . . . . . . . : 951.497 bytes
      Age  . . . . . . . : 366.0 days (2011-10-31 18:38:50)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 43358BBCEC1EBE7927CA3B0A3DCA0597D5E8584F0FCBE987B8126A0C12D73A2B
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Wiebke\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
      Size . . . . . . . : 140.072 bytes
      Age  . . . . . . . : 366.0 days (2011-10-31 18:39:20)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : CC3F4E453FC246B64C09E81BB73741CECC897C805C13815336647E986A60301E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Windows\system32\drivers\PnkBstrK.sys
      Size . . . . . . . : 140.072 bytes
      Age  . . . . . . . : 366.0 days (2011-10-31 18:18:41)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : CC3F4E453FC246B64C09E81BB73741CECC897C805C13815336647E986A60301E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 26.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.


Potential Unwanted Programs _________________________________________________

   HKU\S-1-5-21-397657669-3383547663-499564317-1000\Software\Softonic\ (Softonic)

Cookies _____________________________________________________________________

   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\0Y3135MR.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\1LSF33OO.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\2PIRHIEC.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\8T2X35Z6.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\9NUE34OR.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\CHYBJUJG.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\DI4GR0D2.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\EIMYL40B.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\FBEDVI5W.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\GB1T2RBH.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\IP7MBUIG.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\IPOXXH6M.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\N08VMZ52.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\O3X1CY8W.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\RD5CYTMF.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\RMQVUNAM.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\X0AW97IF.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\XD01VSPJ.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\Z62V1Z5D.txt
   C:\Users\Wiebke\AppData\Roaming\Microsoft\Windows\Cookies\ZTK8922B.txt
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:2o7.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ad.12mnkys.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ad.360yield.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ad.ad-srv.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ad.adc-serv.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ad.adnet.de
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ad.zanox.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:adbrite.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:adinterax.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:adtech.de
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:advertising.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:apmebf.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:atdmt.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:casalemedia.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:cewecolor.112.2o7.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:doubleclick.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:eas.apm.emediate.eu
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:eas4.emediate.eu
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:fastclick.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:fr.sitestat.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:guj.122.2o7.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:invitemedia.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:kontera.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:libri.112.2o7.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:mediaplex.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:overture.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:parship.122.2o7.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:questionmarket.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:revsci.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:rts.pgmediaserve.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ru4.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:serving-sys.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:smartadserver.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:track.adform.net
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:track.effiliation.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:tradedoubler.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:ww251.smartadserver.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:www.etracker.de
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:www.googleadservices.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:www4.smartadserver.com
   C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\cookies.sqlite:yieldmanager.net
         

Alt 01.11.2012, 00:38   #14
markusg
/// Malware-holic
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



hi
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste
    mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 01.11.2012, 12:26   #15
LadyIceTea
 
Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Standard

Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!



# AdwCleaner v2.006 - Datei am 01/11/2012 um 12:25:04 erstellt
# Aktualisiert am 30/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Wiebke - WIEBKE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Wiebke\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\ProgramData\Trymedia
Ordner Gefunden : C:\Users\Wiebke\AppData\LocalLow\boost_interprocess

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software
Schlüssel Gefunden : HKCU\Software\Softonic

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v13.0.1 (de)

Profilname : default
Datei : C:\Users\Wiebke\AppData\Roaming\Mozilla\Firefox\Profiles\p8btthm6.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Wiebke\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1194 octets] - [01/11/2012 12:25:04]

########## EOF - C:\AdwCleaner[R1].txt - [1254 octets] ##########

Antwort

Themen zu Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!
anderes, bli, blinkt, datei, direkt, festgestellt, firewall, google, kleine, kleinen, kurze, leute, nichts, problem, richtig, scan, sekunden, taskleiste, virenscan, virus, win, win7, windows, windows firewall, wirklich




Ähnliche Themen: Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!


  1. Win7: LAN ok, Netzwerktreiber ok, aber "Netzwerk" -> "Adaptereinstellungen ändern" ist leer
    Log-Analyse und Auswertung - 22.01.2015 (15)
  2. win7 -malwerebytesscan erkennt probleme: "yahoo safe finder"
    Log-Analyse und Auswertung - 15.09.2014 (15)
  3. Avira: (Win7) Trojaner "TR/Rogue.11186992" in "C:\Windows\Temp\44158_updater.exe" gefunden
    Plagegeister aller Art und deren Bekämpfung - 25.04.2014 (77)
  4. Win7 nach AntiVir Funden "TR/Crypt.zpack.Gen7" und "Adspy.Gen2" stark verlangsamt
    Log-Analyse und Auswertung - 13.04.2014 (28)
  5. "tcbhn mußte unterbrochen werden", dieses Feld wird ständig eingeblendet und ich kann nichts damit anfangen.
    Plagegeister aller Art und deren Bekämpfung - 18.02.2013 (1)
  6. [Avira Free Antivirus] iVm. "PC Probleme lösen" Fehlermeldung
    Antiviren-, Firewall- und andere Schutzprogramme - 20.08.2012 (2)
  7. größere Downloads brechen ab / Online Banking wird mit "Sicherheitsmaske" überdeckt
    Log-Analyse und Auswertung - 12.04.2012 (18)
  8. Schwarzer Bildschirm bei win7 start mit Feld "Bezahlen und runterladen"
    Log-Analyse und Auswertung - 12.01.2012 (11)
  9. Habe auch Probleme mit "Failed to save all the components for the file System32\\00... " Win7
    Mülltonne - 09.12.2011 (4)
  10. Habe auch Probleme mit "Failed to save all the components for the file System32\\00... " Win7
    Plagegeister aller Art und deren Bekämpfung - 04.12.2011 (35)
  11. VirenScans brechen ab - Neustart?
    Log-Analyse und Auswertung - 08.09.2011 (21)
  12. Browser lösen das "www" aus allen angeklickten Internetadressen falsch auf
    Plagegeister aller Art und deren Bekämpfung - 21.03.2011 (14)
  13. hohe load durch prozess "system" und "explorer.exe" verbindet alleine nach russland
    Plagegeister aller Art und deren Bekämpfung - 08.12.2010 (10)
  14. "Hacker" brechen in Mailkonten von Prominenten ein
    Nachrichten - 01.12.2010 (0)
  15. "Hacker" brechen in Mailkontos von Prominenten ein
    Nachrichten - 01.12.2010 (0)
  16. Avira AntiVir was ist ein "verstecktes Objekt" & wie kann ich das Problem lösen ?
    Plagegeister aller Art und deren Bekämpfung - 09.10.2010 (17)
  17. Internet ist langsam, Downloads brechen ab und Google stuft alles als "Gefahr" ein
    Plagegeister aller Art und deren Bekämpfung - 31.01.2009 (2)

Zum Thema Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! - Hallo Leute, ich hoffe ich bin hier richtig und mache nichts falsch.. Ich habe schon versucht mein Problem zu googlen aber nichts gefunden.. Seit Gestern oder Vorgestern viel mir auf, - Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab!...
Archiv
Du betrachtest: Win7 "PC-Probleme-Lösen" Feld blinkt im Sekundentackt auf und Virenscans brechen von alleine ab! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.