
Log analysis and evaluation: I caught the police virus.

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

05.12.2012, 12:25   #1
hs77
 
I caught the police virus.
I unlocked the PC with Kaspersky Win Unlocker.
And I scanned the PC with Anti-Malware.

Here is the log.
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.05.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
E W :: EW [Administrator]

05.12.2012 07:28:03
mbam-log-2012-12-05 (08-41-43).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 269205
Laufzeit: 15 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe (Trojan.Delf) -> Keine Aktion durchgeführt.

(Ende)

Is my PC virus-free now?

Thanks in advance
Regards, hs77

05.12.2012, 12:45   #2
markusg
/// Malware-holic
 
hi
If you do not have it yet, please download OTL by OldTimer and save it to your Desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Please close all programs now. (Important)
  • Now click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

06.12.2012, 09:54   #3
hs77
 
Hello, thanks for your help!

Here is the ULT.txt log:
OTL Logfile:
Code:
OTL logfile created on: 06.12.2012 06:55:03 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\E W\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 75,50% Memory free
2,60 Gb Paging File | 2,08 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Programme
Drive C: | 111,79 Gb Total Space | 52,21 Gb Free Space | 46,71% Space Free | Partition Type: NTFS
 
Computer Name: EW | User Name: E W | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.12.06 06:50:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\E W\Desktop\OTL.exe
PRC - [2012.10.08 19:21:22 | 000,766,400 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2011.10.03 07:31:56 | 003,756,032 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_5\bin\fb_inet_server.exe
PRC - [2010.10.01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) -- C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe
PRC - [2010.09.27 16:42:18 | 004,180,576 | ---- | M] (SafeNet Inc.) -- C:\WINNT\system32\hasplms.exe
PRC - [2010.08.25 02:21:57 | 000,251,256 | ---- | M] (BUFFALO INC.) -- C:\Programme\BUFFALO\NASNAVI\nassvc.exe
PRC - [2010.03.29 19:26:00 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2009.12.21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2009.09.08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Programme\Canon\CAL\CALMAIN.exe
PRC - [2009.03.24 14:00:00 | 000,241,664 | ---- | M] () -- C:\Programme\ZTE Join Air\AssistantServices.exe
PRC - [2008.04.14 06:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe
PRC - [2008.03.13 16:03:34 | 000,225,280 | ---- | M] (Schneider Automation) -- C:\WINNT\system32\ModbusDrv.exe
PRC - [2006.08.08 10:04:00 | 000,204,865 | ---- | M] (SIEMENS AG) -- C:\Programme\Gemeinsame Dateien\Siemens\S7IEPG\s7oiehsx.exe
PRC - [2006.03.13 17:00:48 | 000,069,685 | ---- | M] (SIEMENS AG) -- C:\Programme\Siemens\Step7\S7BIN\s7asysvx.exe
PRC - [2005.12.14 13:35:26 | 000,622,654 | ---- | M] (SIEMENS AG) -- C:\Programme\Gemeinsame Dateien\Siemens\SWS\almsrv\almsrvx.exe
PRC - [2005.09.13 16:22:52 | 000,049,152 | ---- | M] (Schneider Automation SAS) -- C:\WINNT\system32\NA_Service.exe
PRC - [2004.11.26 13:42:10 | 000,812,032 | ---- | M] (Ahead Software AG) -- C:\Programme\Ahead\InCD\InCDsrv.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2002.01.30 18:20:08 | 000,022,016 | ---- | M] (Inprise Corporation) -- C:\Programme\borland\interbase\Bin\ibguard.exe
PRC - [2002.01.30 18:19:40 | 001,704,448 | ---- | M] (Inprise Corporation) -- C:\Programme\borland\interbase\Bin\ibserver.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.31 02:08:04 | 000,016,872 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2010.10.01 22:05:46 | 008,972,888 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky PURE\QtGui4.dll
MOD - [2010.10.01 22:05:42 | 002,456,152 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky PURE\QtCore4.dll
MOD - [2010.10.01 22:05:42 | 000,117,336 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky PURE\text_extractor.dll
MOD - [2010.10.01 22:05:28 | 002,111,064 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky PURE\avzkrnl.dll
MOD - [2010.10.01 21:07:46 | 000,733,184 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky PURE\localization_manager.dll
MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.10.30 20:32:30 | 000,410,496 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky PURE\dblite.dll
MOD - [2009.03.24 14:00:00 | 000,241,664 | ---- | M] () -- C:\Programme\ZTE Join Air\AssistantServices.exe
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2007.04.02 17:19:22 | 000,355,112 | ---- | M] () -- C:\WINNT\system32\msjetoledb40.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.11.29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 07:41:46 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINNT\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.08 19:21:22 | 000,766,400 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2011.10.03 07:31:56 | 003,756,032 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_5\bin\fb_inet_server.exe -- (FirebirdServerDefaultInstance)
SRV - [2010.10.01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe -- (AVP)
SRV - [2010.09.27 16:42:18 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\WINNT\system32\hasplms.exe -- (hasplms)
SRV - [2010.08.25 02:21:57 | 000,251,256 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Programme\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService)
SRV - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 20:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.12.21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2009.09.08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Programme\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2009.03.24 14:00:00 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Programme\ZTE Join Air\AssistantServices.exe -- (UI Assistant Service)
SRV - [2008.11.04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.03.25 15:57:37 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006.08.08 10:04:00 | 000,204,865 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Siemens\S7IEPG\s7oiehsx.exe -- (s7oiehsx)
SRV - [2006.03.13 17:00:48 | 000,069,685 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Programme\Siemens\Step7\S7BIN\s7asysvx.exe -- (s7asysvx)
SRV - [2005.12.14 13:35:26 | 000,622,654 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Siemens\SWS\almsrv\almsrvx.exe -- (almservice)
SRV - [2005.09.13 16:22:52 | 000,049,152 | ---- | M] (Schneider Automation SAS) [Auto | Running] -- C:\WINNT\system32\NA_Service.exe -- (NA_Service)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.11.26 13:42:10 | 000,812,032 | ---- | M] (Ahead Software AG) [Auto | Running] -- C:\Programme\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2002.01.30 18:20:08 | 000,022,016 | ---- | M] (Inprise Corporation) [Auto | Running] -- C:\Programme\borland\interbase\Bin\ibguard.exe -- (InterBaseGuardian)
SRV - [2002.01.30 18:19:40 | 001,704,448 | ---- | M] (Inprise Corporation) [On_Demand | Running] -- C:\Programme\borland\interbase\Bin\ibserver.exe -- (InterBaseServer)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VMUVC.sys -- (VMUVC)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (iatmunin)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\Afc.sys -- (Afc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\AF15BDA.sys -- (AF15BDA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINNT\System32\Drivers\<NtDriverName>.sys -- (<NtDriverName>)
DRV - [2012.06.22 12:01:30 | 000,019,984 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINNT\system32\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2012.03.21 15:50:27 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINNT\system32\drivers\klif.sys -- (KLIF)
DRV - [2011.09.05 17:50:39 | 000,259,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\XHASP.sys -- (XHASP)
DRV - [2011.05.30 11:13:18 | 000,052,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\gmc-i_cdc_x86.sys -- (gmc-i_cdc_x86)
DRV - [2010.09.27 16:42:24 | 000,356,864 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2010.09.27 16:42:16 | 000,238,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\akshasp.sys -- (akshasp)
DRV - [2010.09.27 16:42:14 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2010.09.27 16:42:14 | 000,016,384 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\aksusb.sys -- (aksusb)
DRV - [2010.09.27 16:42:12 | 000,046,336 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\akshhl.sys -- (akshhl)
DRV - [2009.12.14 12:44:24 | 000,088,632 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\CSCrySec.sys -- (CSCrySec)
DRV - [2009.12.14 12:44:24 | 000,039,352 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\WINNT\system32\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV - [2009.10.22 10:41:34 | 000,040,552 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2009.10.14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\klbg.sys -- (KLBG)
DRV - [2009.10.02 19:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.09.14 14:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\klim5.sys -- (klim5)
DRV - [2009.09.01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINNT\system32\drivers\kl1.sys -- (kl1)
DRV - [2009.07.06 12:54:09 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2009.05.16 17:38:12 | 000,050,560 | ---- | M] (Chingachguk & Denger2k (Elite & SP edition)) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\multikey.sys -- (multikey)
DRV - [2009.01.05 10:01:02 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.01.05 10:01:02 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.01.05 10:01:02 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008.07.03 19:59:54 | 000,193,696 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008.04.15 04:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.04.15 04:13:58 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.04.13 22:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.03.27 10:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.03.13 14:51:52 | 000,057,536 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2008.03.13 14:50:02 | 000,072,000 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2008.03.10 11:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008.02.04 10:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.09.20 04:59:14 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.03.01 12:12:16 | 000,075,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\slabser.sys -- (slabser)
DRV - [2007.03.01 12:12:16 | 000,058,368 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\slabbus.sys -- (slabbus)
DRV - [2006.08.03 10:45:54 | 000,494,135 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\s7otranx.sys -- (s7otranx)
DRV - [2006.08.03 10:45:30 | 000,173,623 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\s7osmcax.sys -- (s7osmcax)
DRV - [2006.07.11 13:54:02 | 000,180,285 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\SNTIE.SYS -- (SNTIE)
DRV - [2006.07.11 13:16:42 | 000,028,331 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\dpmtrcdd.sys -- (Dpmtrcdd)
DRV - [2006.04.19 18:15:08 | 000,097,792 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\ACEDRV05.sys -- (ACEDRV05)
DRV - [2006.04.19 10:47:59 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2006.01.26 13:29:54 | 000,070,912 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\s7snsrtx.sys -- (s7snsrtx)
DRV - [2006.01.12 10:37:38 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\actser.sys -- (actser)
DRV - [2006.01.12 10:37:38 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\vsb.sys -- (vsbus)
DRV - [2006.01.12 10:37:36 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\vserial.sys -- (vserial)
DRV - [2005.06.02 19:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.03.30 09:12:38 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINNT\System32\drivers\TVicPort.sys -- (TVicPort)
DRV - [2004.11.26 13:36:26 | 000,007,808 | ---- | M] (Ahead Software AG) [Recognizer | System | Unknown] -- C:\WINNT\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2004.11.26 13:36:24 | 000,098,176 | ---- | M] (Ahead Software AG) [File_System | Disabled | Running] -- C:\WINNT\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2004.11.26 13:36:06 | 000,028,928 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINNT\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004.11.26 13:36:02 | 000,027,648 | ---- | M] (Ahead Software AG) [Kernel | System | Stopped] -- C:\WINNT\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2004.09.29 01:22:22 | 000,800,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.05.05 13:40:38 | 000,019,584 | ---- | M] (Pinnacle Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\emAudio.sys -- (emAudio)
DRV - [2004.04.06 14:08:06 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2004.04.06 14:07:58 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2004.04.06 14:07:54 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2003.11.10 16:22:12 | 000,026,944 | ---- | M] () [Kernel | Auto | Running] -- C:\Programme\Gemeinsame Dateien\Siemens\SWS\plugins\scp\scpdrv.sys -- (scpdrv)
DRV - [2003.07.16 14:27:40 | 000,043,264 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003.07.02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2002.10.18 00:34:14 | 000,030,512 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\s7oefs_x.sys -- (s7oefs_x)
DRV - [2001.08.17 14:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 10:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\irsir.sys -- (irsir)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.26010003&st=12&barid={03020337-18FB-4E8D-9887-8C346B8D98A0}
IE - HKLM\..\SearchScopes,DefaultScope = {E20A9C8D-67F9-4F15-B1AE-4FA088EF27E3}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFre0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {E20A9C8D-67F9-4F15-B1AE-4FA088EF27E3}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{B06738FB-46D4-4E39-A620-02FF7F65495A}: "URL" = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
IE - HKCU\..\SearchScopes\{E20A9C8D-67F9-4F15-B1AE-4FA088EF27E3}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7AURU_deAT501
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.at"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINNT\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Programme\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.12.04 03:46:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Programme\Kaspersky Lab\Kaspersky PURE\THBExt [2012.03.21 15:52:23 | 000,000,000 | ---D | M]
 
[2012.09.15 01:48:48 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Mozilla\Extensions
[2012.10.26 21:52:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Mozilla\Firefox\Profiles\r9eii74u.default\extensions
[2012.12.04 03:46:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.27 02:45:59 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={03020337-18FB-4E8D-9887-8C346B8D98A0}
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: NPCIG.dll (Enabled) = C:\Programme\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Programme\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINNT\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Drive = C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2010.10.28 09:08:52 | 000,000,881 | ---- | M]) - C:\WINNT\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 192.168.0.133	exchange3000.linztextil.local, exchange3000
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Freeware.de Toolbar) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - C:\Programme\Freeware.de\prxtbFre0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avp] C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - Startup: C:\Dokumente und Einstellungen\E W\Startmenü\Programme\Autostart\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Web-Suche - C:\Programme\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Reg Error: Key error. - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Reg Error: Key error. File not found
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} hxxp://www.partserver.de/partserver/viewer/cnsweb3d/cnsweb3d.cab (PARTcommunity 3D Web Viewer)
O16 - DPF: {1F831FA3-42FC-11D4-95A6-0080AD30DCE1} file://C:\Programme\AutoCAD LT 2002 Deu\InstFred.ocx (InstaFred)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {AE563724-B4F5-11D4-A415-00108302FDFD} file://C:\Programme\AutoCAD LT 2002 Deu\InstBanr.ocx (NOXLATE-BANR)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Programme\AutoCAD LT 2002 Deu\AcPreview.ocx (AcPreview-Steuerung)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA0A2658-642C-45F7-84D9-CF3A2E3857C6}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\stibo {FFAD3420-6D61-44F6-BA25-293F17152D79} - C:\Programme\Gemeinsame Dateien\Stibo\RS_ProtocolHandler.dll (Stibo Catalog)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINNT\system32\userinit.exe) - C:\WINNT\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\WINNT\system32\klogon.dll) - C:\WINNT\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINNT\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINNT\Web\Wallpaper\Grüne Idylle.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.02.25 13:17:20 | 000,000,018 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b266d9f4-37cd-11df-9fd8-a535c5d25393}\Shell\AutoRun\command - "" = F:\SamsungSoftware\APPInst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINNT\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINNT\system32\Rundll32.exe c:\WINNT\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {A96854F1-8559-A2F3-306C-A2CBADDF6B1D} - Browseranpassungen
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - 
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINNT\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINNT\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINNT\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{99820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: Microsoft Base Smart Card Crypto Provider Package - 
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BTTray.lnk - Reg Error: Key error. - File not found
MsConfig - StartUpReg: AVP - hkey= - key= - Reg Error: Key error. File not found
MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - Reg Error: Key error. File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - Reg Error: Key error. File not found
MsConfig - StartUpReg: SpyHunter Security Suite - hkey= - key= - Reg Error: Key error. File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.06 06:50:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\E W\Desktop\OTL.exe
[2012.12.06 05:06:43 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\E W\Recent
[2012.12.05 07:26:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Malwarebytes
[2012.12.05 07:25:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.12.05 07:25:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.12.05 07:25:24 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2012.12.05 07:25:24 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.12.04 03:46:40 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2012.12.03 12:34:33 | 000,448,816 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\E W\Desktop\rannohdecryptor.exe
[2012.12.03 07:43:40 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.12.01 09:15:31 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012.12.01 09:15:30 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
[2012.12.01 09:15:05 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
[2012.12.01 08:42:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2012.12.01 08:34:51 | 000,000,000 | -HSD | C] -- C:\WINNT\CSC
[2012.11.29 19:57:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\ImgBurn
[2012.11.29 19:56:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ImgBurn
[2012.11.29 19:52:58 | 000,000,000 | ---D | C] -- C:\Programme\ImgBurn
[2012.11.29 19:17:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\E W\Eigene Dateien\Neuer Ordner (2)
[2012.11.07 16:04:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\E W\Eigene Dateien\MEBEDO
[2012.11.07 10:45:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\TeamViewer
[2010.08.27 19:01:45 | 001,185,128 | ---- | C] (Piriform Ltd) -- C:\Programme\ccsetup235_slim.exe
[343 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
[33 C:\WINNT\System32\dllcache\*.tmp files -> C:\WINNT\System32\dllcache\*.tmp -> ]
[1 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\WINNT\System32\drivers\mshcmd.sys.
[2012.12.06 06:50:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\E W\Desktop\OTL.exe
[2012.12.06 06:45:12 | 000,001,618 | ---- | M] () -- C:\WINNT\System32\wpa.dbl
[2012.12.06 06:45:07 | 000,001,080 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.06 06:41:01 | 000,000,880 | ---- | M] () -- C:\WINNT\tasks\Adobe Flash Player Updater.job
[2012.12.06 06:22:02 | 000,001,084 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.06 06:01:22 | 000,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat
[2012.12.06 06:01:20 | 2146,226,176 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.05 15:48:18 | 000,002,463 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\Desktop\Microsoft OneNote 2010.lnk
[2012.12.05 14:15:01 | 000,002,589 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\Desktop\Microsoft Outlook 2010.lnk
[2012.12.05 10:42:19 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\Startmenü\Programme\Autostart\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
[2012.12.05 07:25:55 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.04 15:57:30 | 000,002,485 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\Desktop\Microsoft Word 2010.lnk
[2012.12.04 08:12:44 | 000,000,127 | ---- | M] () -- C:\WINNT\zyyusb.ini
[2012.12.03 12:34:35 | 000,448,816 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\E W\Desktop\rannohdecryptor.exe
[2012.12.03 10:33:10 | 000,000,813 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\Desktop\Internet Explorer (ohne Add-Ons).lnk
[2012.12.03 09:57:08 | 000,000,207 | -HS- | M] () -- C:\boot.ini
[2012.12.03 09:38:32 | 000,000,004 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\skype.ini
[2012.12.01 10:27:19 | 000,001,324 | ---- | M] () -- C:\WINNT\System32\d3d9caps.dat
[2012.12.01 08:42:43 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.12.01 03:36:13 | 000,000,116 | ---- | M] () -- C:\WINNT\NeroDigital.ini
[2012.11.29 19:56:38 | 000,001,492 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ImgBurn.lnk
[2012.11.29 16:15:00 | 000,002,487 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\Desktop\Microsoft Excel 2010.lnk
[2012.11.19 20:59:13 | 000,066,715 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\Eigene Dateien\g33 umrichter.pdf
[2012.11.07 16:40:02 | 000,044,752 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\Eigene Dateien\schaltschrankexperten.pdf
[2012.11.07 14:42:43 | 000,002,988 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\.recently-used.xbel
[343 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
[33 C:\WINNT\System32\dllcache\*.tmp files -> C:\WINNT\System32\dllcache\*.tmp -> ]
[1 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
File not found -- C:\WINNT\System32\drivers\mshcmd.sys.
[2012.12.05 07:25:55 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.04 03:46:44 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.12.03 10:33:10 | 000,000,813 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Desktop\Internet Explorer (ohne Add-Ons).lnk
[2012.12.01 10:30:23 | 2146,226,176 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.01 08:42:43 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.12.01 04:45:20 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\skype.ini
[2012.11.29 19:52:59 | 000,001,492 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ImgBurn.lnk
[2012.11.19 20:58:36 | 000,066,715 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Eigene Dateien\g33 umrichter.pdf
[2012.11.07 16:39:53 | 000,044,752 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Eigene Dateien\schaltschrankexperten.pdf
[2012.11.07 14:42:43 | 000,002,988 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\.recently-used.xbel
[2012.10.17 03:01:11 | 083,023,306 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xoferif.pad
[2012.09.21 11:07:16 | 000,052,544 | ---- | C] () -- C:\WINNT\System32\drivers\gmc-i_cdc_x86.sys
[2012.07.19 06:21:24 | 000,028,672 | ---- | C] () -- C:\WINNT\System32\FHid.dll
[2012.07.19 06:21:23 | 000,020,480 | ---- | C] () -- C:\WINNT\System32\fvcm3_tl.dll
[2012.07.19 06:21:22 | 000,450,560 | ---- | C] () -- C:\WINNT\System32\PEGRC32B.dll
[2012.06.22 12:01:30 | 000,019,984 | ---- | C] () -- C:\WINNT\System32\ESGScanner.sys
[2012.06.22 12:01:30 | 000,019,984 | ---- | C] () -- C:\WINNT\System32\drivers\EsgScanner.sys
[2012.04.17 10:02:49 | 000,000,000 | ---- | C] () -- C:\WINNT\mtstack.INI
[2012.03.21 15:54:01 | 000,116,189 | ---- | C] () -- C:\WINNT\System32\drivers\klin.dat
[2012.03.21 15:54:00 | 000,098,168 | ---- | C] () -- C:\WINNT\System32\drivers\klick.dat
[2012.03.14 08:23:13 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\.gtk-bookmarks
[2012.02.28 10:04:15 | 000,000,307 | ---- | C] () -- C:\WINNT\System32\MODBUS01.ini
[2012.02.22 21:34:34 | 000,080,896 | ---- | C] () -- C:\WINNT\cadkasdeinst01.exe
[2012.02.15 07:06:07 | 000,013,888 | ---- | C] () -- C:\WINNT\WDTGR.DLL
[2012.02.15 07:06:07 | 000,008,096 | ---- | C] () -- C:\WINNT\WCDTGR.DLL
[2012.02.15 07:06:07 | 000,006,656 | ---- | C] () -- C:\WINNT\WNETWAY.DLL
[2012.02.15 07:06:07 | 000,004,064 | ---- | C] () -- C:\WINNT\WNETWT16.DLL
[2011.12.14 19:41:30 | 000,003,054 | ---- | C] () -- C:\WINNT\Ascd_tmp.ini
[2011.12.13 14:48:09 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2011.11.16 18:32:29 | 000,233,472 | ---- | C] () -- C:\WINNT\System32\cmirmdrv.exe
[2011.11.16 18:32:29 | 000,028,672 | ---- | C] () -- C:\WINNT\System32\cmirmdrv.dll
[2011.11.16 18:32:27 | 000,116,930 | ---- | C] () -- C:\WINNT\Cmuda.ini
[2011.11.16 18:29:44 | 000,005,824 | ---- | C] () -- C:\WINNT\System32\drivers\ASUSHWIO.SYS
[2011.11.07 22:39:02 | 001,988,376 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.09.07 20:14:37 | 000,007,680 | R--- | C] () -- C:\WINNT\System32\CCNMMNT.DLL
[2011.09.07 20:14:01 | 000,036,864 | ---- | C] () -- C:\WINNT\System32\u2lexch.dll
[2011.09.07 20:14:01 | 000,027,136 | ---- | C] () -- C:\WINNT\System32\u2lsamp1.dll
[2011.09.07 20:14:01 | 000,012,288 | ---- | C] () -- C:\WINNT\System32\u2lfinra.dll
[2011.09.07 20:14:00 | 000,040,960 | ---- | C] () -- C:\WINNT\System32\u2lbar.dll
[2011.09.07 20:14:00 | 000,038,400 | ---- | C] () -- C:\WINNT\System32\u2ldts.dll
[2011.09.07 20:13:59 | 000,044,544 | ---- | C] () -- C:\WINNT\System32\u25dts.dll
[2011.09.07 20:13:58 | 000,306,176 | ---- | C] () -- C:\WINNT\System32\p2smcube.dll
[2011.09.07 20:13:58 | 000,239,616 | ---- | C] () -- C:\WINNT\System32\p2solap.dll
[2011.09.07 20:13:57 | 000,300,544 | ---- | C] () -- C:\WINNT\System32\p2molap.dll
[2011.09.07 20:13:53 | 000,017,920 | ---- | C] () -- C:\WINNT\System32\implode.dll
[2011.09.05 15:04:21 | 000,000,000 | ---- | C] () -- C:\WINNT\PROGDIS4.INI
[2011.09.05 14:45:11 | 000,018,884 | ---- | C] () -- C:\WINNT\System32\drivers\F3B3933F.bin
[2011.09.05 14:43:40 | 000,259,584 | ---- | C] () -- C:\WINNT\System32\drivers\XHASP.sys
[2011.06.27 19:38:18 | 000,000,127 | ---- | C] () -- C:\WINNT\zyyusb.ini
[2010.11.09 12:54:15 | 000,000,027 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Anwendungsdaten\settings.ini
[2010.10.20 10:32:25 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2010.10.08 17:22:22 | 000,042,286 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Lotus Organizer 5.x.ADR
[2010.10.08 17:22:20 | 000,009,952 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Lotus Organizer 5.x.TSK
[2010.10.08 17:22:19 | 000,011,726 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Lotus Organizer 5.x.CAL
[2010.08.28 20:25:19 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\wklnhst.dat
[2008.12.22 12:54:42 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\myAVR_WorkpadPLUS_Demo.cfg
[2008.12.22 12:54:41 | 000,000,978 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\myAVR_WorkpadPLUS_Demo.cfg
[2006.12.12 06:58:29 | 000,153,088 | ---- | C] () -- C:\Programme\UNWISE.EXE
[2005.02.25 18:25:05 | 000,074,240 | ---- | C] () -- C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009.06.17 15:08:42 | 000,000,227 | RHS- | M] () -- C:\WINNT\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 06:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINNT\system32\wbem\fastprox.dll -- [2009.07.06 12:46:22 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINNT\system32\wbem\wbemess.dll -- [2008.04.14 06:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.09.07 14:32:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2011.09.08 14:02:07 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2012.09.07 15:51:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\clonehdd
[2012.09.07 18:01:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\deletepart
[2011.09.05 14:08:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPLAN
[2012.09.07 14:53:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\explauncher
[2010.03.23 15:56:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Festo
[2012.12.04 08:13:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firebird
[2005.03.09 12:57:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\gotomaxx
[2012.09.07 14:53:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\launcher
[2011.06.27 13:41:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MEBEDO
[2012.09.07 18:02:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mergeparts
[2006.02.20 13:13:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2009.10.20 14:00:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Newsoft
[2011.10.03 09:54:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PhotoStitch
[2012.02.28 11:27:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Schneider Electric
[2012.03.08 01:18:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2005.04.21 07:35:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Autodesk
[2012.10.12 09:22:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\cadenas
[2011.10.03 09:53:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Canon
[2005.03.01 21:33:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\disk2go
[2010.03.23 15:55:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Festo
[2010.03.23 16:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\FestoCAD
[2012.03.07 22:30:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\GoPro
[2005.03.09 12:57:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\gotomaxx
[2012.11.07 14:42:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\gtk-2.0
[2008.01.29 19:44:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\HEROLD Business Data
[2012.11.29 19:57:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\ImgBurn
[2005.03.01 20:58:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\KeySafe
[2011.12.14 23:35:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\MAGIX
[2010.06.04 16:33:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\MCS Electronics
[2012.05.27 10:30:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\NASNaviator2
[2012.05.02 08:16:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\PriceGong
[2010.02.19 07:15:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Siemens
[2011.06.27 13:45:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Softland
[2007.11.19 18:53:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Stibo
[2012.05.24 05:48:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Systweak
[2012.11.07 10:45:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\TeamViewer
[2011.04.04 13:31:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Windows Desktop Search
[2011.04.04 13:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\Windows Search
[2006.08.29 15:09:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\E W\Anwendungsdaten\XCPCSync.OEM
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2011.04.05 05:19:56 | 000,000,000 | ---D | M] -- C:\9173d2b22c9f5ece2bda
[2009.11.16 17:38:26 | 000,000,000 | ---D | M] -- C:\ATI
[2011.08.16 15:50:24 | 000,000,000 | -HSD | M] -- C:\AX NF ZZ
[2009.06.17 15:13:55 | 000,000,000 | ---D | M] -- C:\Beha
[2009.11.17 14:19:27 | 000,000,000 | ---D | M] -- C:\CA
[2010.02.18 07:33:58 | 000,000,000 | ---D | M] -- C:\Camozzi
[2006.03.03 14:27:22 | 000,000,000 | ---D | M] -- C:\computec
[2012.06.09 13:51:10 | 000,000,000 | ---D | M] -- C:\COMTEST
[2008.08.07 15:10:03 | 000,000,000 | ---D | M] -- C:\COMTEST_HOME_V650
[2012.12.01 09:15:37 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2011.09.05 16:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings
[2012.04.26 22:45:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.09.06 16:34:18 | 000,000,000 | ---D | M] -- C:\EPLAN4
[2008.12.17 15:10:29 | 000,000,000 | ---D | M] -- C:\Europa
[2005.10.20 13:10:26 | 000,000,000 | ---D | M] -- C:\ExpressOffice
[2008.01.10 22:06:55 | 000,000,000 | ---D | M] -- C:\EZSocket
[2006.09.06 15:59:06 | 000,000,000 | ---D | M] -- C:\FESTO
[2012.06.20 19:17:33 | 000,000,000 | ---D | M] -- C:\FESTODB
[2012.07.19 06:17:42 | 000,000,000 | ---D | M] -- C:\Fluke
[2008.01.11 11:53:00 | 000,000,000 | ---D | M] -- C:\invsupe1
[2012.12.03 10:46:45 | 000,000,000 | ---D | M] -- C:\Kaspersky Rescue Disk 10.0
[2005.03.08 06:50:19 | 000,000,000 | ---D | M] -- C:\KebData
[2006.11.27 10:06:44 | 000,000,000 | ---D | M] -- C:\LINDE_ETK
[2011.06.27 13:50:30 | 000,000,000 | ---D | M] -- C:\Mebedo
[2005.02.25 14:05:45 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2008.12.17 18:30:29 | 000,000,000 | ---D | M] -- C:\PI
[2011.11.16 18:36:33 | 000,000,000 | ---D | M] -- C:\PROGRAM FILES
[2012.12.05 07:25:24 | 000,000,000 | R--D | M] -- C:\Programme
[2012.12.01 08:47:54 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2005.02.25 13:17:28 | 000,000,000 | ---D | M] -- C:\S7_200MD
[2012.12.01 09:15:55 | 000,000,000 | ---D | M] -- C:\sh4ldr
[2009.03.24 19:34:26 | 000,000,000 | ---D | M] -- C:\SiLabs
[2010.12.03 15:42:11 | 000,000,000 | ---D | M] -- C:\SWSetup
[2012.10.19 22:42:12 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.01.27 16:21:23 | 000,000,000 | ---D | M] -- C:\Temp
[2012.09.13 06:34:13 | 000,000,000 | ---D | M] -- C:\tmp
[2012.12.04 12:00:39 | 000,000,000 | ---D | M] -- C:\VNC
[2007.10.15 06:21:58 | 000,000,000 | ---D | M] -- C:\WF98
[2012.12.06 06:01:33 | 000,000,000 | ---D | M] -- C:\WINNT
[2008.06.02 06:49:28 | 000,000,000 | ---D | M] -- C:\WPAT
[2005.03.24 11:30:30 | 000,000,000 | ---D | M] -- C:\YEPOE
[2005.11.24 16:05:51 | 000,000,000 | ---D | M] -- C:\ZIP
 
< %PROGRAMFILES%\*.exe >
[2010.08.27 19:01:56 | 001,185,128 | ---- | M] (Piriform Ltd) -- C:\Programme\ccsetup235_slim.exe
[2002.07.26 17:02:06 | 000,153,088 | ---- | M] () -- C:\Programme\UNWISE.EXE
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2005.02.18 10:59:16 | 000,000,065 | RH-- | C] () -- C:\WINNT\Tasks\desktop.ini
[2005.02.18 11:04:41 | 000,000,006 | -H-- | C] () -- C:\WINNT\Tasks\SA.DAT
[2006.01.09 08:54:24 | 000,000,286 | ---- | C] () -- C:\WINNT\Tasks\Lotus Organizer.job
[2012.09.12 00:06:22 | 000,001,080 | ---- | C] () -- C:\WINNT\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.12 00:06:23 | 000,001,084 | ---- | C] () -- C:\WINNT\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.15 00:59:22 | 000,000,880 | ---- | C] () -- C:\WINNT\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2009.07.06 12:54:09 | 017,818,190 | ---- | M] () .cab file -- C:\WINNT\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.13 21:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINNT\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.06 12:54:09 | 017,818,190 | ---- | M] () .cab file -- C:\WINNT\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 21:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINNT\system32\drivers\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 06:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINNT\system32\dllcache\eventlog.dll
[2008.04.14 06:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINNT\system32\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.04.14 06:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINNT\explorer.exe
[2008.04.14 06:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINNT\system32\dllcache\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2008.06.09 12:30:13 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\WINNT\NLDRV\001\iastor.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.06 12:47:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B4D6D344EACDA356D4AAAC7757955F0C -- C:\WINNT\system32\dllcache\netlogon.dll
[2009.07.06 12:47:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B4D6D344EACDA356D4AAAC7757955F0C -- C:\WINNT\system32\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 06:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINNT\system32\dllcache\scecli.dll
[2008.04.14 06:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINNT\system32\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.04.14 06:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINNT\system32\dllcache\user32.dll
[2008.04.14 06:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINNT\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 06:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINNT\system32\dllcache\userinit.exe
[2008.04.14 06:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINNT\system32\userinit.exe
 
< MD5 for: VIAMRAID.SYS  >
[2004.05.18 15:55:26 | 000,074,112 | ---- | M] (VIA Technologies inc,.ltd) MD5=F199939205DCCC7836AE5AB8B5DD5E83 -- C:\WINNT\system32\drivers\viamraid.sys
 
< MD5 for: WINLOGON.EXE  >
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 06:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINNT\system32\dllcache\winlogon.exe
[2008.04.14 06:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINNT\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2003.04.02 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINNT\system32\dllcache\ws2ifsl.sys
[2003.04.02 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINNT\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2009.10.15 08:15:44 | 000,524,288 | ---- | M] () -- C:\WINNT\System32\config\default.sav
[2009.10.15 06:07:11 | 000,262,144 | ---- | M] () -- C:\WINNT\System32\config\security.sav
[2009.10.15 08:15:44 | 025,690,112 | ---- | M] () -- C:\WINNT\System32\config\software.sav
[2009.10.15 08:15:45 | 004,980,736 | ---- | M] () -- C:\WINNT\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[343 C:\WINNT\system32\*.tmp files -> C:\WINNT\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2012.03.14 08:23:13 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\.gtk-bookmarks
[2012.11.07 14:42:43 | 000,002,988 | ---- | M] () -- C:\Dokumente und Einstellungen\E W\.recently-used.xbel
[2012.12.06 05:07:05 | 012,582,912 | -H-- | M] () -- C:\Dokumente und Einstellungen\E W\NTUSER.DAT
[2012.12.06 07:45:29 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\E W\ntuser.dat.LOG
[2012.12.06 05:07:05 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\E W\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 142 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:054203E4

< End of report >
         



Regards, HS77
__________________

Alt 06.12.2012, 09:56   #4
hs77
 



And here is the Extras.txt log:
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 06.12.2012 06:55:03 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\E W\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 75,50% Memory free
2,60 Gb Paging File | 2,08 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Programme
Drive C: | 111,79 Gb Total Space | 52,21 Gb Free Space | 46,71% Space Free | Partition Type: NTFS
 
Computer Name: EW | User Name: E W | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
.jse [@ = JSEFile] -- C:\WINNT\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINNT\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINNT\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINNT\System32\CScript.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%ProgramFiles%\messenger\msmsgs.exe" = %ProgramFiles%\messenger\msmsgs.exe:*:enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\Siemens\SQLANY\dbsrv7.exe" = C:\Programme\Gemeinsame Dateien\Siemens\SQLANY\dbsrv7.exe:*:Enabled:Adaptive Server Anywhere Network Server -- (Sybase, Inc.)
"C:\Programme\Siemens\Step7\S7BIN\S7tgtopx.exe" = C:\Programme\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager -- (SIEMENS AG)
"C:\Programme\Siemens\Step7\S7INF\S7usiapx.exe" = C:\Programme\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox -- (SIEMENS AG)
"C:\Programme\Microsoft Office\Office14\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINNT\system32\msiexec.exe" = C:\WINNT\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager
"C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Temporary Internet Files\Content.IE5\TX2JAS7H\FlashPlayerSDM[1].exe" = C:\Dokumente und Einstellungen\E W\Lokale Einstellungen\Temporary Internet Files\Content.IE5\TX2JAS7H\FlashPlayerSDM[1].exe:*:Enabled:InHouseSDM Setup
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
""Bilder-CD Fachkunde Elektrotechnik"_is1" = Bilder-CD für Fachkunde Elektrotechnik, 25. Auflage - Einzelliz
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06F4D9F7-05E3-4AB0-BD82-1A49E241CEEA}" = CA 01 - der interaktive Katalog von Industry Automation and Drive Technologies
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C4A8437-F060-4BEA-B819-F2AC7FA73E8A}" = Festo - Produktkatalog
"{10B15004-CD2A-49BD-ACB7-DFA124F39273}" = SA Drivers Manager
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{16E20A3E-2B8B-4B1B-8E7B-5738B940D442}" = Brother P-touch Editor Etikettenvorlagen - Vertrieb #4 [DEU]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{1C0CDD0D-9EF8-4A77-A6D6-B656696DAC7E}" = VPlus User Interface
"{1D2811CD-9B9C-447D-A6FB-0CDBEB36B4AC}" = Brother P-touch Editor Etikettenvorlagen - Kalender #1 [DEU]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61DE24-8817-4448-8699-85476867ADBF}" = Brother P-touch Editor Etikettenvorlagen - Halloween [DEU]
"{204A9B50-FDF7-467B-9369-4C1E157F99D2}" = ATV12
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Reg Error: Key error.
"{248C9DB1-8517-4079-AD33-D249C80D184A}_is1" = GMC-I Driver Control 1.13.00
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2CE2E69E-4D92-4586-8953-4BA929325C16}" = ATV32
"{2FCD1C52-C4CB-4E90-A92B-F826F85CEF78}" = ATS48
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3709EF38-C2EF-4298-AB38-37F4B14D147E}" = FlukeViewFormsVcRedist
"{38F9BADC-91BB-48E2-8CD3-4C71FE623FF8}" = Brother P-touch Editor Etikettenvorlagen - Persönlich #3 [DEU]
"{3A9E9C5D-F013-4CB7-9CA9-EB481501DBB4}" = Brother P-touch Update Software
"{3B699F44-DB65-41F3-8A56-A930EC4EFD18}" = es control 2.2 professional DEMO
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41D24F03-8CFC-11DA-918F-00E018812E83}" = PCSoft
"{42DAAC10-A93B-4321-B84D-AFDAD16256EF}" = Lexium32C
"{4439DB92-A89B-4C8C-B1D4-82F67952DCA5}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista_2 (c:\SiLabs\MCU_2)
"{47F94730-ABD2-47F6-920E-EA8CDB6DD0C6}_is1" = BASCOM-AVR
"{490A0AB2-4AD1-4593-A718-929D36BCD53C}" = SA MODBUS Driver
"{499642A5-2A72-421B-9211-C0B5AAAB47A3}" = Brother P-touch Editor Etikettenvorlagen - Valentinstag [DEU]
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4B400FF7-6500-460E-BC8A-D2B9DF8584F2}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
"{4C5002C1-8EDC-450F-9DFD-53E326417D6F}" = Brother P-touch Editor Etikettenvorlagen - Anlage #1 [DEU]
"{5783F2D7-0109-0407-0000-0060B0CE6BBA}" = AutoCAD LT 2002 - Deutsch
"{59DF4C0C-8FC1-4874-8888-6BD8A601B32A}" = maxx PDFMAILER Professional
"{5B12573C-9C90-4790-BFEE-2BC43C2EB997}" = SmartSync
"{5E0F5138-E1FC-4E58-B4B2-D3E774699620}" = ATV71
"{5F5D992B-7026-4602-A9B2-9123748C75B3}_is1" = Electric Testing Center 01.34.00
"{626B1DBF-33FA-4AA7-ABBC-2293DB0275CC}" = es control 2.5 professional
"{63702CB3-38D5-11D4-9A93-00C04F281EE2}" = FlukeView Forms
"{647EF25A-BCE9-4918-935C-E9029D61E4DF}" = ATS22
"{64DE5804-7937-466A-89E9-EB6DC501C910}" = vrt-disk 2006
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{690686D0-3769-47E4-A03F-58B886508AFC}" = SoMove Lite
"{6D7CD859-E40E-4020-B210-872762EA5821}" = Automation License Manager V2.2 + HF2 Professional  
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75733889-B355-4EE6-B9A1-401F09542832}" = Brother P-touch Editor Etikettenvorlagen - Feiertag #1 [DEU]
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86)
"{7D386596-0E80-4808-8AAE-C1DDA8212F7F}" = Adobe Setup
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{8264F6A2-F054-4E4B-BFEC-E4AD0622DDAB}" = ATI AVIVO Codecs
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{851DE1BF-3E57-4035-BD2E-C1FF5644A728}" = LexiumDTMLibrary
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8704D51E-25B7-4F23-81E7-AA4F54790220}" = Microsoft AutoRoute v11.0
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CCE5E3D-7574-4451-84F6-3C902855C6E8}" = Brother P-touch Editor Etikettenvorlagen - Vertrieb #3 [DEU]
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F362FF6-E094-4C65-A5BE-F34F44380CFA}" = PowerSuite Launch Atv61Atv71PLUS
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0000-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer 2007
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{536FB502-775F-4494-BACE-C02CC90B7A5B}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{5C497F0B-2061-4CC9-A61C-6B45B867354D}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{7F207DCA-3399-40CB-A968-6E5991B1421A}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{CD769337-C8AC-46DB-A7DC-643E50089263}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{E1C33B03-3FE9-45BF-91E4-0266F38618C6}" = Reg Error: Key error.
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}" = Reg Error: Key error.
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_SharePointDesigner_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_PRJPRO_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_SharePointDesigner_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_VISPRO_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_SharePointDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_SharePointDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_PRJPRO_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_SharePointDesigner_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_VISPRO_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2964DDE1-4925-4DF1-AF2C-0A36B3442228}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A1CBF7D-4704-40BC-B31C-AA761884A3E4}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5729F1AE-5895-468F-9165-BAD161C9E982}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{65EA4836-B5A3-4C1D-8883-0C35E471003A}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}" = Reg Error: Key error.
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{5C497F0B-2061-4CC9-A61C-6B45B867354D}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{7F207DCA-3399-40CB-A968-6E5991B1421A}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{CD769337-C8AC-46DB-A7DC-643E50089263}" = Reg Error: Key error.
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}" = Reg Error: Key error.
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0E1861EF-D8EF-44F7-B3D0-363056366198}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{5C497F0B-2061-4CC9-A61C-6B45B867354D}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{7F207DCA-3399-40CB-A968-6E5991B1421A}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CD769337-C8AC-46DB-A7DC-643E50089263}" = Reg Error: Key error.
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}" = Reg Error: Key error.
"{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007
"{90120000-0054-0407-0000-0000000FF1CE}_VISPRO_{60CC0F2D-BFA0-4851-903D-809D876DD87B}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_PRJPRO_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_SharePointDesigner_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_VISPRO_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2007
"{90120000-00B4-0407-0000-0000000FF1CE}_PRJPRO_{16809599-3C53-4A9A-A7E2-74A6D0D2C007}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 14
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{EDED840F-DD92-47ED-A2E4-63F6AC745B92}" = Reg Error: Key error.
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{28857979-5507-4C10-A922-FF709A19D38C}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{294BAA9E-9209-497F-A71F-7E52EFB194D4}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{309EEC22-83CE-4109-B019-BA9392FAA322}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{556146F7-74AE-4E0A-B64F-5B8B93469F61}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B5516874-E926-4BFD-B412-D0E70112F244}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{C0FF04BF-A05E-408B-81CA-B7FACDA508A3}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EDF9874C-9E37-4110-9FC3-094247E114DF}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EEB4DDD0-08EA-4787-BDAB-D38D67A35CD5}" = Reg Error: Key error.
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}" = Reg Error: Key error.
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{938D9C57-3CF0-4DA8-B04E-EF99501859B5}" = Mobile Phone Manager
"{95223E93-9B20-4EDE-BF82-40790E6DAD21}" = TeSysU
"{982B8A3B-8DDC-4FEC-8691-78B0F885A804}" = QualiStar View V2.2
"{9ACF534D-2290-4333-AB0D-3AB02A6BBB41}" = Brother P-touch Editor Etikettenvorlagen - Weihnachten [DEU]
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A56C2DDD-FC23-4D61-99BE-66E0B2544AF7}" = Brother P-touch Editor Version 4.0
"{A6B7B910-69BE-4873-8CA8-B5C37BAFE9F4}" = Mobile Modem Assistant
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Join Air
"{AA43FD9F-52DD-4E63-8EEB-70369DE584BC}" = Lexium32M
"{ABA8D649-9066-423C-9211-0F1F8D14E789}" = SIMATIC  STEP 7 V5.4 + SP1 Professional  
"{ABC13EC9-07F5-4186-9A0A-9D70D6CAE9DF}" = ATV61
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{AC94622D-D899-44DF-9857-7DD31958C541}" = Crystal Reports für .NET Framework 2.0 Language Pack (x86) - DEU
"{B38D54F6-C8C3-4420-8708-ADEAEB4F4CF9}" = Samsung USB Driver
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3E1A8A0-2E5A-4871-9BF9-814F10190FE0}" = Schneider Electric Modbus Communication DTM Library
"{B742F265-9B0E-4C0C-AF20-879FBA23AEDF}" = VFD Setup Software(SW2)
"{B8A534D7-2EAE-4885-B769-F30A96E66484}" = Lexium32A
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA91B283-6E94-446C-AFC3-FFF1E9AF366D}" = Farnell InOne CD Catalogue v
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C126D15F-9634-46D2-B0E7-719E8AE20ACD}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C360EAA9-97D2-4B5E-B1D6-3BB675139A7E}" = SITRAINonCD
"{C84CE943-A5F9-4663-8300-F00B1EB526AA}" = AltistartDtmLibrary
"{CABAA5E1-66E4-11DE-B88A-005056C00008}" = Avanquest Partition Commander 11
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC22ADD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC SCL Compiler
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D584EF8D-D902-4C2B-982B-084C9B129CEB}" = TeSysT
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVRStudio4
"{DBE7B81F-06C9-4C05-A6EF-54572F440E63}" = ATV31
"{DDABC667-56B3-4122-82B0-2F5782EA2F9A}" = SpyHunter
"{DF0C6E14-66D2-43B9-952C-BED09D658D2B}" = DataView
"{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"{E0E9C868-D080-4082-B0F6-97A6484BA40A}" = Brother P-touch Editor Etikettenvorlagen - Arztpraxis #2 [DEU]
"{E421CB9B-3FB9-40AA-991D-F4F81EAE61F3}" = TeSysDTMLibrary
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EB026BC8-E00C-499D-BD87-89A0566BEB0E}" = AVRStudio4
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EFF12CC7-BF6A-41D7-8546-CCB41D0C6C94}" = AltivarDtmLibrary
"{F6C0D92C-7EBC-4CEE-A0DD-BCE6ADB50E22}" = PARTcommunity 3D Web Viewer
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9D1EF75-AD96-4D2E-8143-7CC6C953152D}" = DataView
"A106663FD3361BDFACB045D83EBA03858EB1E411" = Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)
"Adobe Flash Player ActiveX" = Reg Error: Key error.
"Adobe Flash Player Plugin" = Reg Error: Key error.
"Adobe_25db75244653b42cb93dc27939d1c0e" = Adobe Dreamweaver CS3
"AIDA32_is1" = AIDA32 v3.93
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"AnswerWorks" = AnswerWorks Runtime
"Arts & Letters EXPRESS 7 Office" = Arts & Letters EXPRESS 7 Office
"ATI Display Driver" = ATI Display Driver
"Brother P-touch Quick Editor" = P-touch Quick Editor
"CADdy++ Elektrotechnik" = CADdy++ Elektrotechnik
"CAL" = Canon Camera Access Library
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon iP4600 series Benutzerregistrierung" = Canon iP4600 series Benutzerregistrierung
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"C-Media Audio Driver" = Reg Error: Key error.
"COMBIVIS5" = COMBIVIS 5
"doPDF 7 printer_is1" = doPDF 7.0 printer
"EAGLE 4.15" = EAGLE 4.15
"ELEKTROmanagerProfessional_is1" = ELEKTROmanagerProfessional 7F08, 01.08.2010
"ELEKTROmanagerProfessional8_is1" = MEBEDO ELEKTROmanagerProfessional8 8F03
"ENTERPRISE" = Microsoft Office Enterprise 2007
"F2F24872454C7CAEAABD8BB063F70FBEFF01989D" = Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)
"FBDBServer_2_5_is1" = Firebird 2.5.1.26351 (Win32)
"Festo Configurator Version 52.20" = Festo Configurator Version 52.20
"Freeware.de Toolbar" = Freeware.de Toolbar
"FTDICOMM" = FTDI USB Serial Converter Drivers
"GRAPH 7" = SIMATIC S7-GRAPH V5.3 + SP2 Professional
"Hardlock Device Driver" = Hardlock Device Driver
"HDClone.Free.4.1.3.1031-{41484358-C47B-4188-8AE1-F921A3E95DC6}" = HDClone 4.1 Free Edition
"HEROLD Telefonbuch CD home + route" = HEROLD Telefonbuch CD home + route
"hp deskjet 970c series" = hp deskjet 970c series (nur entfernen)
"hp deskjet 970c series_Driver" = hp deskjet 970c series
"iDim2.0" = iDim 2.0
"ImgBurn" = ImgBurn
"InstallShield_{06F4D9F7-05E3-4AB0-BD82-1A49E241CEEA}" = CA 01 - der interaktive Katalog von Industry Automation and Drive Technologies 10-2009 Deutsch
"InstallShield_{938D9C57-3CF0-4DA8-B04E-EF99501859B5}" = Mobile Phone Manager
"InstallShield_{A56C2DDD-FC23-4D61-99BE-66E0B2544AF7}" = Brother P-touch Editor Version 4.0
"InstallShield_{BA91B283-6E94-446C-AFC3-FFF1E9AF366D}" = Farnell InOne CD Catalogue v2.00
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Reg Error: Key error.
"InterBase 6.0" = InterBase 6.0
"iPlanSchema5.0" = iPlanSchema 5.0
"KEBManuals" = KEB Manuals
"KOMPASS Digital Map Tirol_is1" = KOMPASS Digital Map Tirol
"LHTTSGED" = L&H TTS3000 Deutsch
"LOGO!Soft Comfort V3.1" = LOGO!Soft Comfort V3.1
"LOGO!Soft Comfort V5.0" = LOGO!Soft Comfort V5.0
"LOGO!Soft Comfort V6.1" = LOGO!Soft Comfort V6.1
"LOGO!Soft Comfort V7.0 " = LOGO!Soft Comfort V7.0 
"LOGOSoft Comfort V4.0" = LOGOSoft Comfort V4.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Memory Manager" = Memory Manager
"MicroCapture" = MicroCapture 2.5
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Reg Error: Key error.
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Reg Error: Key error.
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Reg Error: Key error.
"MicroWin" = MicroWin
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MProg 3.0a" = MProg 3.0a
"MuMSymbolsACUnsinstall" = MuM Symbolbibliotheken für AutoCAD
"MuMSymbolsPicUnsinstall" = MuM Symbolbibliotheken für MS Office
"MyCamera" = Canon Utilities MyCamera
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"Parts-Publisher (DE) 2108" = TRUETZSCHLER Ersatzteil-Katalog (DE)
"Parts-Publisher (EN) 2108" = TRUETZSCHLER Spare Parts Manual (EN)
"PDF-XChange 3_is1" = PDF-XChange 3
"PhotoStitch" = Canon Utilities PhotoStitch
"PLCSim" = SIMATIC S7-PLCSIM V5.3 + SP1 Professional
"PRJPRO" = Microsoft Office Project Professional 2007
"QuickTime" = QuickTime
"SAT 100 Basic" = SAT 100 Basic
"SCL" = SIMATIC S7-SCL V5.3 + SP1 Professional
"SharePointDesigner" = Microsoft Office SharePoint Designer 2007
"SIMATIC STEP 7-Micro/WIN 32 Toolbox V1.0.0.31" = SIMATIC STEP 7-Micro/WIN 32 Toolbox V1.0.0.31
"SIMATIC STEP 7-Micro/WIN 32 V3.1.1.6" = SIMATIC STEP 7-Micro/WIN 32 V3.1.1.6
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SmartSuite V99.0" = Lotus SmartSuite Version 9.5
"ST6UNST #1" = VFD Setup Software
"TAPPS DE_is1" = TAPPS 1.29 DE
"TrySim" = TrySim
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"UN060501" = BUFFALO NAS Navigator2
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VLC media player 2.0.0
"Volo View Express" = Volo View Express
"WinFACT 98" = WinFACT 98
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"WinSATmanager4" = WinSATmanager4
"Winsol" = Winsol
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Works2004Setup" = Setup-Start von Microsoft Works 2004
"WorldCAT®-3D-Designer" = WorldCAT®-3D-Designer
"WUV30" = Windows Update Agent 3.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GeoGebra 4" = GeoGebra 4
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 03.12.2012 14:45:52 | Computer Name = EW | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
 die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
 erneut.  Kontext:  Anwendung, SystemIndex Katalog 
 
Error - 03.12.2012 14:46:57 | Computer Name = EW | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
 die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
 erneut.  Kontext:  Anwendung, SystemIndex Katalog 
 
Error - 03.12.2012 17:39:31 | Computer Name = EW | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\E W\RECENT\DESKTOP.INI> in
 der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 03.12.2012 20:38:17 | Computer Name = EW | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\E W\RECENT\DESKTOP.INI> in
 der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 03.12.2012 20:38:17 | Computer Name = EW | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\E W\RECENT\DESKTOP.INI> in
 der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 03.12.2012 22:07:29 | Computer Name = EW | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\E W\RECENT\DESKTOP.INI> in
 der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 04.12.2012 00:25:03 | Computer Name = EW | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\E W\RECENT\DESKTOP.INI> in
 der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 04.12.2012 03:01:57 | Computer Name = EW | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung ELEKTROmanager.exe, Version 8.0.0.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 05.12.2012 00:39:04 | Computer Name = EW | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\E W\RECENT\DESKTOP.INI> in
 der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 05.12.2012 23:25:09 | Computer Name = EW | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\E W\RECENT\DESKTOP.INI> in
 der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
[ OSession Events ]
Error - 11.10.2010 05:48:05 | Computer Name = EW | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 11.10.2010 05:57:39 | Computer Name = EW | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 14.10.2010 07:10:53 | Computer Name = EW | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 21
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 10.11.2010 11:45:25 | Computer Name = EW | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 22.11.2012 12:47:03 | Computer Name = EW | Source = Ftdisk | ID = 327711
Description = Der Fehlertoleranztreiber konnte die Datenträgerstrukturen nicht vom
 Datenträger 2 lesen.
 
Error - 22.11.2012 12:47:22 | Computer Name = EW | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
   %%2
 
Error - 22.11.2012 13:28:26 | Computer Name = EW | Source = Ftdisk | ID = 327711
Description = Der Fehlertoleranztreiber konnte die Datenträgerstrukturen nicht vom
 Datenträger 2 lesen.
 
Error - 22.11.2012 13:30:57 | Computer Name = EW | Source = Ftdisk | ID = 327711
Description = Der Fehlertoleranztreiber konnte die Datenträgerstrukturen nicht vom
 Datenträger 2 lesen.
 
Error - 22.11.2012 13:31:59 | Computer Name = EW | Source = Ftdisk | ID = 327711
Description = Der Fehlertoleranztreiber konnte die Datenträgerstrukturen nicht vom
 Datenträger 2 lesen.
 
Error - 22.11.2012 13:33:35 | Computer Name = EW | Source = Ftdisk | ID = 327711
Description = Der Fehlertoleranztreiber konnte die Datenträgerstrukturen nicht vom
 Datenträger 1 lesen.
 
Error - 22.11.2012 15:47:53 | Computer Name = EW | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
   %%2
 
Error - 22.11.2012 15:57:38 | Computer Name = EW | Source = System Error | ID = 1003
Description = Fehlercode 000000ca, 1. Parameter 00000001, 2. Parameter 88f9de30,
 3. Parameter 89012ab8, 4. Parameter 00000000.
 
Error - 23.11.2012 01:29:38 | Computer Name = EW | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
   %%2
 
Error - 24.11.2012 09:23:25 | Computer Name = EW | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
   %%2
 
 
< End of report >
         
--- --- ---

Regards, HS77

Alt 06.12.2012, 16:33   #5
markusg
/// Malware-holic
 
Hi,
download TDSS Killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Click on Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, and post the log

__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For the time being, please send e-mails to markusg.trojaner-board@web.de as described in the instructions above.

Alt 07.12.2012, 07:33   #6
hs77
 
Hello,

How can I post the report? I cannot copy the report.

Regards, hs77

Alt 13.12.2012, 15:44   #7
markusg
/// Malware-holic
 
Open C:, open tdsskiller-date-version.txt, and then it works.

Alt 14.12.2012, 15:19   #8
hs77
 
Here is the log from TDSS Killer

15:13:36.0458 2708 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:13:36.0692 2708 ============================================================
15:13:36.0692 2708 Current date / time: 2012/12/14 15:13:36.0692
15:13:36.0692 2708 SystemInfo:
15:13:36.0692 2708
15:13:36.0692 2708 OS Version: 5.1.2600 ServicePack: 3.0
15:13:36.0692 2708 Product type: Workstation
15:13:36.0692 2708 ComputerName: EW
15:13:36.0692 2708 UserName: E W
15:13:36.0692 2708 Windows directory: C:\WINNT
15:13:36.0692 2708 System windows directory: C:\WINNT
15:13:36.0692 2708 Processor architecture: Intel x86
15:13:36.0692 2708 Number of processors: 2
15:13:36.0692 2708 Page size: 0x1000
15:13:36.0692 2708 Boot type: Normal boot
15:13:36.0692 2708 ============================================================
15:13:39.0458 2708 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:13:39.0458 2708 ============================================================
15:13:39.0458 2708 \Device\Harddisk0\DR0:
15:13:39.0458 2708 MBR partitions:
15:13:39.0458 2708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
15:13:39.0458 2708 ============================================================
15:13:39.0489 2708 C: <-> \Device\Harddisk0\DR0\Partition1
15:13:39.0489 2708 ============================================================
15:13:39.0489 2708 Initialize success
15:13:39.0505 2708 ============================================================
15:13:45.0317 2108 ============================================================
15:13:45.0317 2108 Scan started
15:13:45.0317 2108 Mode: Manual; SigCheck; TDLFS;
15:13:45.0317 2108 ============================================================
15:13:46.0145 2108 ================ Scan system memory ========================
15:13:48.0239 2108 System memory - ok
15:13:48.0239 2108 ================ Scan services =============================
15:13:48.0395 2108 <NtDriverName> - ok
15:13:48.0411 2108 Abiosdsk - ok
15:13:48.0427 2108 abp480n5 - ok
15:13:48.0489 2108 [ 0A1E97197609F92D2425B67DA0BB0A7F ] ACEDRV05 C:\WINNT\system32\drivers\ACEDRV05.sys
15:13:49.0645 2108 ACEDRV05 ( UnsignedFile.Multi.Generic ) - warning
15:13:49.0645 2108 ACEDRV05 - detected UnsignedFile.Multi.Generic (1)
15:13:49.0724 2108 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINNT\system32\DRIVERS\ACPI.sys
15:13:51.0958 2108 ACPI - ok
15:13:51.0989 2108 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINNT\system32\drivers\ACPIEC.sys
15:13:52.0208 2108 ACPIEC - ok
15:13:52.0255 2108 [ 6463D1DB354B13E6CED4D67F6E4910F4 ] actser C:\WINNT\system32\drivers\actser.sys
15:13:52.0302 2108 actser ( UnsignedFile.Multi.Generic ) - warning
15:13:52.0302 2108 actser - detected UnsignedFile.Multi.Generic (1)
15:13:52.0427 2108 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\WINNT\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:13:52.0474 2108 AdobeFlashPlayerUpdateSvc - ok
15:13:52.0474 2108 adpu160m - ok
15:13:52.0552 2108 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINNT\system32\drivers\aec.sys
15:13:52.0755 2108 aec - ok
15:13:52.0755 2108 AF15BDA - ok
15:13:52.0770 2108 Afc - ok
15:13:52.0817 2108 [ 8D499B1276012EB907E7A9E0F4D8FDA4 ] AFD C:\WINNT\System32\drivers\afd.sys
15:13:53.0099 2108 AFD - ok
15:13:53.0114 2108 Aha154x - ok
15:13:53.0114 2108 aic78u2 - ok
15:13:53.0145 2108 aic78xx - ok
15:13:53.0208 2108 [ 11F424D02AEA63A3A53445087072FDD0 ] aksfridge C:\WINNT\system32\DRIVERS\aksfridge.sys
15:13:53.0552 2108 aksfridge - ok
15:13:53.0614 2108 [ 64FC197D24A2B240598F29CE0A6660C0 ] akshasp C:\WINNT\system32\DRIVERS\akshasp.sys
15:13:53.0692 2108 akshasp - ok
15:13:53.0739 2108 [ 147B61B81BE1FFC38939EA47E5CFB51F ] akshhl C:\WINNT\system32\DRIVERS\akshhl.sys
15:13:53.0817 2108 akshhl - ok
15:13:53.0880 2108 [ CCE6C56F18D214DE8D66F3F2A774CD5B ] aksusb C:\WINNT\system32\DRIVERS\aksusb.sys
15:13:53.0989 2108 aksusb - ok
15:13:54.0052 2108 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINNT\system32\alrsvc.dll
15:13:54.0333 2108 Alerter - ok
15:13:54.0380 2108 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINNT\System32\alg.exe
15:13:54.0583 2108 ALG - ok
15:13:54.0583 2108 AliIde - ok
15:13:54.0817 2108 [ B8B8DC841EEE875F65E0354A07453B47 ] almservice C:\Programme\Gemeinsame Dateien\Siemens\sws\almsrv\almsrvx.exe
15:13:55.0005 2108 almservice ( UnsignedFile.Multi.Generic ) - warning
15:13:55.0005 2108 almservice - detected UnsignedFile.Multi.Generic (1)
15:13:55.0005 2108 amsint - ok
15:13:55.0083 2108 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINNT\System32\appmgmts.dll
15:13:55.0333 2108 AppMgmt - ok
15:13:55.0349 2108 asc - ok
15:13:55.0364 2108 asc3350p - ok
15:13:55.0380 2108 asc3550 - ok
15:13:55.0489 2108 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:13:55.0817 2108 aspnet_state - ok
15:13:55.0880 2108 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINNT\system32\DRIVERS\asyncmac.sys
15:13:56.0130 2108 AsyncMac - ok
15:13:56.0177 2108 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINNT\system32\DRIVERS\atapi.sys
15:13:56.0645 2108 atapi - ok
15:13:56.0661 2108 Atdisk - ok
15:13:56.0724 2108 [ D01BD16ACAB7D7744F8C397EAEBB8798 ] Ati HotKey Poller C:\WINNT\system32\Ati2evxx.exe
15:13:56.0927 2108 Ati HotKey Poller - ok
15:13:57.0036 2108 [ AAE41C74DB4DD34E8E97CB3A7A92C0B6 ] ati2mtag C:\WINNT\system32\DRIVERS\ati2mtag.sys
15:13:57.0255 2108 ati2mtag - ok
15:13:57.0317 2108 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINNT\system32\DRIVERS\atmarpc.sys
15:13:57.0536 2108 Atmarpc - ok
15:13:57.0583 2108 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINNT\System32\audiosrv.dll
15:13:57.0786 2108 AudioSrv - ok
15:13:57.0849 2108 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINNT\system32\DRIVERS\audstub.sys
15:13:58.0052 2108 audstub - ok
15:13:58.0145 2108 [ A2B790F9A751F24F17967F9A5574186D ] AVP C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe
15:13:58.0489 2108 AVP - ok
15:13:58.0552 2108 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINNT\system32\drivers\Beep.sys
15:13:58.0724 2108 Beep - ok
15:13:58.0786 2108 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINNT\system32\qmgr.dll
15:13:59.0005 2108 BITS - ok
15:13:59.0067 2108 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
15:13:59.0145 2108 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
15:13:59.0145 2108 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
15:13:59.0208 2108 [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser C:\WINNT\System32\browser.dll
15:13:59.0520 2108 Browser - ok
15:13:59.0599 2108 [ FABA1418646A2B433C0BDED6FF92D2FA ] btaudio C:\WINNT\system32\drivers\btaudio.sys
15:13:59.0724 2108 btaudio - ok
15:13:59.0770 2108 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\WINNT\system32\DRIVERS\btport.sys
15:13:59.0817 2108 BTDriver - ok
15:13:59.0911 2108 [ AEF038061BC1CAFB4865D43A85BEB1A1 ] BTKRNL C:\WINNT\system32\DRIVERS\btkrnl.sys
15:14:00.0114 2108 BTKRNL - ok
15:14:00.0224 2108 [ F20629FF9ED48EFA98FDC5D99919E8C0 ] btwdins C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
15:14:00.0270 2108 btwdins - ok
15:14:00.0317 2108 [ 80F61DE965C116051614AC2F04222FF7 ] BTWDNDIS C:\WINNT\system32\DRIVERS\btwdndis.sys
15:14:00.0349 2108 BTWDNDIS - ok
15:14:00.0395 2108 [ 949ECA9C56F657C06D3166D51F3226C7 ] btwhid C:\WINNT\system32\DRIVERS\btwhid.sys
15:14:00.0474 2108 btwhid - ok
15:14:00.0520 2108 [ 179A37C86FD2B9CC28EB93D093D394C7 ] BTWUSB C:\WINNT\system32\Drivers\btwusb.sys
15:14:00.0552 2108 BTWUSB - ok
15:14:00.0614 2108 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINNT\system32\drivers\cbidf2k.sys
15:14:00.0817 2108 cbidf2k - ok
15:14:00.0911 2108 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8 C:\Programme\Canon\CAL\CALMAIN.exe
15:14:00.0974 2108 CCALib8 ( UnsignedFile.Multi.Generic ) - warning
15:14:00.0974 2108 CCALib8 - detected UnsignedFile.Multi.Generic (1)
15:14:01.0036 2108 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINNT\system32\DRIVERS\CCDECODE.sys
15:14:01.0286 2108 CCDECODE - ok
15:14:01.0286 2108 cd20xrnt - ok
15:14:01.0364 2108 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINNT\system32\drivers\Cdaudio.sys
15:14:01.0552 2108 Cdaudio - ok
15:14:01.0614 2108 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINNT\system32\drivers\Cdfs.sys
15:14:01.0817 2108 Cdfs - ok
15:14:01.0849 2108 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINNT\system32\DRIVERS\cdrom.sys
15:14:01.0942 2108 Cdrom - ok
15:14:01.0958 2108 Changer - ok
15:14:01.0989 2108 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINNT\system32\cisvc.exe
15:14:02.0192 2108 CiSvc - ok
15:14:02.0255 2108 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINNT\system32\clipsrv.exe
15:14:02.0458 2108 ClipSrv - ok
15:14:02.0520 2108 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:14:02.0724 2108 clr_optimization_v2.0.50727_32 - ok
15:14:02.0817 2108 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINNT\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:14:02.0864 2108 clr_optimization_v4.0.30319_32 - ok
15:14:02.0864 2108 CmdIde - ok
15:14:02.0942 2108 [ DDCDE8CED6E753F9EBBD07659F808D9D ] cmuda C:\WINNT\system32\drivers\cmuda.sys
15:14:03.0208 2108 cmuda - ok
15:14:03.0224 2108 COMSysApp - ok
15:14:03.0255 2108 Cpqarray - ok
15:14:03.0302 2108 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINNT\System32\cryptsvc.dll
15:14:03.0614 2108 CryptSvc - ok
15:14:03.0661 2108 [ 5CBF20674BE8364FEBB6A13451A42F0A ] CSCrySec C:\WINNT\system32\DRIVERS\CSCrySec.sys
15:14:03.0974 2108 CSCrySec - ok
15:14:04.0114 2108 [ 6E5B42219F1FE4A3D087D9D501E343D5 ] CSObjectsSrv C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
15:14:04.0255 2108 CSObjectsSrv - ok
15:14:04.0317 2108 [ 2C3F213EDDD231099FB779A45D7680E0 ] CSVirtualDiskDrv C:\WINNT\system32\DRIVERS\CSVirtualDiskDrv.sys
15:14:04.0630 2108 CSVirtualDiskDrv - ok
15:14:04.0645 2108 dac2w2k - ok
15:14:04.0661 2108 dac960nt - ok
15:14:04.0708 2108 [ 5118EA8A2F55FA4D4295516500B78229 ] DCamUSBEMPIA C:\WINNT\system32\DRIVERS\emDevice.sys
15:14:04.0864 2108 DCamUSBEMPIA - ok
15:14:04.0927 2108 [ D3D765E8455A961AE567B408F767D4F9 ] DcomLaunch C:\WINNT\system32\rpcss.dll
15:14:05.0130 2108 DcomLaunch - ok
15:14:05.0192 2108 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINNT\System32\dhcpcsvc.dll
15:14:05.0411 2108 Dhcp - ok
15:14:05.0427 2108 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINNT\system32\DRIVERS\disk.sys
15:14:05.0645 2108 Disk - ok
15:14:05.0661 2108 dmadmin - ok
15:14:05.0739 2108 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINNT\system32\drivers\dmboot.sys
15:14:06.0036 2108 dmboot - ok
15:14:06.0067 2108 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINNT\system32\DRIVERS\dmio.sys
15:14:06.0286 2108 dmio - ok
15:14:06.0317 2108 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINNT\system32\drivers\dmload.sys
15:14:06.0520 2108 dmload - ok
15:14:06.0583 2108 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINNT\System32\dmserver.dll
15:14:06.0802 2108 dmserver - ok
15:14:06.0833 2108 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINNT\system32\drivers\DMusic.sys
15:14:07.0020 2108 DMusic - ok
15:14:07.0083 2108 [ 4548494812BA3B416D489E0C6AF8D643 ] Dnscache C:\WINNT\System32\dnsrslvr.dll
15:14:07.0333 2108 Dnscache - ok
15:14:07.0395 2108 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINNT\System32\dot3svc.dll
15:14:07.0614 2108 Dot3svc - ok
15:14:07.0661 2108 [ BE4E6F02AA54B6BE6873010C0D7A2F09 ] Dpmtrcdd C:\WINNT\system32\DRIVERS\dpmtrcdd.sys
15:14:07.0724 2108 Dpmtrcdd ( UnsignedFile.Multi.Generic ) - warning
15:14:07.0724 2108 Dpmtrcdd - detected UnsignedFile.Multi.Generic (1)
15:14:07.0739 2108 dpti2o - ok
15:14:07.0786 2108 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINNT\system32\drivers\drmkaud.sys
15:14:07.0974 2108 drmkaud - ok
15:14:08.0005 2108 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINNT\System32\eapsvc.dll
15:14:08.0317 2108 EapHost - ok
15:14:08.0395 2108 [ 943A8B0C6228023FB89325183C0C639E ] emAudio C:\WINNT\system32\drivers\emAudio.sys
15:14:08.0458 2108 emAudio - ok
15:14:08.0520 2108 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINNT\System32\ersvc.dll
15:14:08.0833 2108 ERSvc - ok
15:14:08.0880 2108 [ 01CE484FF6D70A39479BC6D619DE7ED6 ] EsgScanner C:\WINNT\system32\DRIVERS\EsgScanner.sys
15:14:08.0989 2108 EsgScanner - ok
15:14:09.0052 2108 [ F0A7D59AF279326528715B206669B86C ] Eventlog C:\WINNT\system32\services.exe
15:14:09.0130 2108 Eventlog - ok
15:14:09.0161 2108 [ ADA7241C16F3F42C7F210539FAD5F3AA ] EventSystem C:\WINNT\system32\es.dll
15:14:09.0286 2108 EventSystem - ok
15:14:09.0349 2108 [ 4D893323DAE445E34A4C9038B0551BC9 ] exFat C:\WINNT\system32\drivers\exFat.sys
15:14:09.0489 2108 exFat - ok
15:14:09.0552 2108 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINNT\system32\drivers\Fastfat.sys
15:14:09.0833 2108 Fastfat - ok
15:14:09.0895 2108 [ 927666F4228E3FBBC3D1171581DC8BDC ] FastUserSwitchingCompatibility C:\WINNT\System32\shsvcs.dll
15:14:10.0052 2108 FastUserSwitchingCompatibility - ok
15:14:10.0099 2108 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINNT\system32\DRIVERS\fdc.sys
15:14:10.0286 2108 Fdc - ok
15:14:10.0349 2108 [ A583BC166495B07F704533754CE29CBD ] FETNDISB C:\WINNT\system32\DRIVERS\fetnd5b.sys
15:14:10.0427 2108 FETNDISB - ok
15:14:10.0474 2108 [ 6F87E4706F59463B74BC4FAD0F67338F ] FiltUSBEMPIA C:\WINNT\system32\DRIVERS\emFilter.sys
15:14:10.0520 2108 FiltUSBEMPIA - ok
15:14:10.0583 2108 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINNT\system32\drivers\Fips.sys
15:14:10.0770 2108 Fips - ok
15:14:10.0817 2108 FirebirdServerDefaultInstance - ok
15:14:10.0895 2108 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:14:10.0989 2108 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
15:14:10.0989 2108 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
15:14:11.0052 2108 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINNT\system32\DRIVERS\flpydisk.sys
15:14:11.0224 2108 Flpydisk - ok
15:14:11.0270 2108 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINNT\system32\DRIVERS\fltMgr.sys
15:14:11.0474 2108 FltMgr - ok
15:14:11.0583 2108 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINNT\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:14:11.0630 2108 FontCache3.0.0.0 - ok
15:14:11.0677 2108 [ 30D42943A54704EF13E2562911DBFCEA ] Fs_Rec C:\WINNT\system32\drivers\Fs_Rec.sys
15:14:11.0755 2108 Fs_Rec - ok
15:14:11.0802 2108 [ 47B9CF937AC479046DA289BD5A769CE9 ] FTDIBUS C:\WINNT\system32\drivers\ftdibus.sys
15:14:11.0864 2108 FTDIBUS - ok
15:14:11.0927 2108 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINNT\system32\DRIVERS\ftdisk.sys
15:14:12.0161 2108 Ftdisk - ok
15:14:12.0239 2108 [ 216B9A2191676034999785C7F94FA5D6 ] FTSER2K C:\WINNT\system32\drivers\ftser2k.sys
15:14:12.0302 2108 FTSER2K - ok
15:14:12.0349 2108 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINNT\system32\DRIVERS\gameenum.sys
15:14:12.0567 2108 gameenum - ok
15:14:12.0614 2108 [ FBB83375DFCF0BF28BC50CF95D7B8C32 ] gmc-i_cdc_x86 C:\WINNT\system32\DRIVERS\gmc-i_cdc_x86.sys
15:14:12.0692 2108 gmc-i_cdc_x86 - ok
15:14:12.0739 2108 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINNT\system32\DRIVERS\msgpc.sys
15:14:12.0974 2108 Gpc - ok
15:14:13.0114 2108 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
15:14:13.0395 2108 gupdate - ok
15:14:13.0411 2108 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
15:14:13.0442 2108 gupdatem - ok
15:14:13.0520 2108 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
15:14:13.0708 2108 gusvc - ok
15:14:13.0770 2108 [ 995178A443B07FA9EEAEA041D7B4B5CA ] hardlock C:\WINNT\system32\drivers\hardlock.sys
15:14:14.0067 2108 hardlock - ok
15:14:14.0083 2108 hasplms - ok
15:14:14.0145 2108 [ 2DD25F060DC9F79B5CDF33D90ED93669 ] Haspnt C:\WINNT\system32\drivers\Haspnt.sys
15:14:14.0192 2108 Haspnt ( UnsignedFile.Multi.Generic ) - warning
15:14:14.0192 2108 Haspnt - detected UnsignedFile.Multi.Generic (1)
15:14:14.0286 2108 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINNT\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:14:14.0552 2108 helpsvc - ok
15:14:14.0614 2108 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINNT\system32\DRIVERS\hidusb.sys
15:14:14.0802 2108 HidUsb - ok
15:14:14.0849 2108 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINNT\System32\kmsvc.dll
15:14:15.0036 2108 hkmsvc - ok
15:14:15.0083 2108 [ BCC47D4138EED5C527FC17C9E9D339C4 ] hotcore3 C:\WINNT\system32\DRIVERS\hotcore3.sys
15:14:15.0161 2108 hotcore3 - ok
15:14:15.0177 2108 hpn - ok
15:14:15.0239 2108 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINNT\system32\Drivers\HTTP.sys
15:14:15.0380 2108 HTTP - ok
15:14:15.0427 2108 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINNT\System32\w3ssl.dll
15:14:15.0630 2108 HTTPFilter - ok
15:14:15.0645 2108 i2omgmt - ok
15:14:15.0661 2108 i2omp - ok
15:14:15.0708 2108 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINNT\system32\drivers\i8042prt.sys
15:14:15.0911 2108 i8042prt - ok
15:14:15.0927 2108 iatmunin - ok
15:14:16.0036 2108 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:14:16.0114 2108 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:14:16.0114 2108 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:14:16.0239 2108 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:14:16.0364 2108 idsvc - ok
15:14:16.0411 2108 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINNT\system32\DRIVERS\imapi.sys
15:14:16.0599 2108 Imapi - ok
15:14:16.0677 2108 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINNT\system32\imapi.exe
15:14:16.0895 2108 ImapiService - ok
15:14:16.0927 2108 [ 2276401A0F013FC902A79B471572217A ] InCDfs C:\WINNT\system32\drivers\InCDfs.sys
15:14:16.0974 2108 InCDfs ( UnsignedFile.Multi.Generic ) - warning
15:14:16.0974 2108 InCDfs - detected UnsignedFile.Multi.Generic (1)
15:14:16.0989 2108 [ DC898826D8B1BACCE60A8F7AB491A0B0 ] InCDPass C:\WINNT\system32\DRIVERS\InCDPass.sys
15:14:17.0020 2108 InCDPass ( UnsignedFile.Multi.Generic ) - warning
15:14:17.0020 2108 InCDPass - detected UnsignedFile.Multi.Generic (1)
15:14:17.0052 2108 [ 5FA708ADA99D9F7B0AF68698B0FAFF48 ] InCDrec C:\WINNT\system32\drivers\InCDrec.sys
15:14:17.0083 2108 InCDrec ( UnsignedFile.Multi.Generic ) - warning
15:14:17.0083 2108 InCDrec - detected UnsignedFile.Multi.Generic (1)
15:14:17.0145 2108 [ A2F61A1CCAFEE540AA74F2C2CF8D63C2 ] incdrm C:\WINNT\system32\drivers\incdrm.sys
15:14:17.0177 2108 incdrm ( UnsignedFile.Multi.Generic ) - warning
15:14:17.0177 2108 incdrm - detected UnsignedFile.Multi.Generic (1)
15:14:17.0302 2108 [ 37EC04536A01A03008499E54DE6BFAD1 ] InCDsrv C:\Programme\Ahead\InCD\InCDsrv.exe
15:14:17.0427 2108 InCDsrv ( UnsignedFile.Multi.Generic ) - warning
15:14:17.0427 2108 InCDsrv - detected UnsignedFile.Multi.Generic (1)
15:14:17.0458 2108 ini910u - ok
15:14:17.0474 2108 IntelIde - ok
15:14:17.0536 2108 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINNT\system32\DRIVERS\intelppm.sys
15:14:17.0786 2108 intelppm - ok
15:14:17.0833 2108 InterBaseGuardian - ok
15:14:17.0849 2108 InterBaseServer - ok
15:14:17.0911 2108 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINNT\system32\DRIVERS\Ip6Fw.sys
15:14:18.0192 2108 Ip6Fw - ok
15:14:18.0239 2108 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINNT\system32\DRIVERS\ipfltdrv.sys
15:14:18.0505 2108 IpFilterDriver - ok
15:14:18.0583 2108 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINNT\system32\DRIVERS\ipinip.sys
15:14:18.0849 2108 IpInIp - ok
15:14:18.0942 2108 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINNT\system32\DRIVERS\ipnat.sys
15:14:19.0145 2108 IpNat - ok
15:14:19.0161 2108 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINNT\system32\DRIVERS\ipsec.sys
15:14:19.0333 2108 IPSec - ok
15:14:19.0395 2108 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINNT\system32\DRIVERS\irda.sys
15:14:19.0520 2108 irda - ok
15:14:19.0567 2108 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINNT\system32\DRIVERS\irenum.sys
15:14:19.0692 2108 IRENUM - ok
15:14:19.0755 2108 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINNT\System32\irmon.dll
15:14:19.0895 2108 Irmon - ok
15:14:19.0927 2108 [ 0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir C:\WINNT\system32\DRIVERS\irsir.sys
15:14:20.0052 2108 irsir - ok
15:14:20.0099 2108 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINNT\system32\DRIVERS\isapnp.sys
15:14:20.0302 2108 isapnp - ok
15:14:20.0427 2108 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
15:14:20.0520 2108 JavaQuickStarterService - ok
15:14:20.0567 2108 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINNT\system32\DRIVERS\kbdclass.sys
15:14:20.0817 2108 Kbdclass - ok
15:14:20.0880 2108 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINNT\system32\DRIVERS\kbdhid.sys
15:14:21.0145 2108 kbdhid - ok
15:14:21.0208 2108 [ CE3958F58547454884E97BDA78CD7040 ] kl1 C:\WINNT\system32\drivers\kl1.sys
15:14:21.0255 2108 kl1 - ok
15:14:21.0302 2108 [ 53EEDAB3F0511321AC3AE8BC968B158C ] KLBG C:\WINNT\system32\DRIVERS\klbg.sys
15:14:21.0380 2108 KLBG - ok
15:14:21.0427 2108 [ CF9F89B7B5E08BEB60E52DD7FF3A69E5 ] KLIF C:\WINNT\system32\DRIVERS\klif.sys
15:14:21.0474 2108 KLIF - ok
15:14:21.0505 2108 [ FBDC2034B58D2135D25FE99EB8B747C3 ] klim5 C:\WINNT\system32\DRIVERS\klim5.sys
15:14:21.0536 2108 klim5 - ok
15:14:21.0599 2108 [ 1F351C4BA53BFE58A1CA5FCDD11E1F81 ] klmouflt C:\WINNT\system32\DRIVERS\klmouflt.sys
15:14:21.0677 2108 klmouflt - ok
15:14:21.0724 2108 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINNT\system32\drivers\kmixer.sys
15:14:21.0927 2108 kmixer - ok
15:14:21.0989 2108 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINNT\system32\drivers\KSecDD.sys
15:14:22.0442 2108 KSecDD - ok
15:14:22.0489 2108 [ 41202C42C8D1A4465AB121F806E93F24 ] lanmanserver C:\WINNT\System32\srvsvc.dll
15:14:22.0708 2108 lanmanserver - ok
15:14:22.0755 2108 [ C9B816901C1ABF28BA6C5B6CB65EB75B ] lanmanworkstation C:\WINNT\System32\wkssvc.dll
15:14:23.0067 2108 lanmanworkstation - ok
15:14:23.0083 2108 lbrtfdc - ok
15:14:23.0145 2108 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINNT\System32\lmhsvc.dll
15:14:23.0427 2108 LmHosts - ok
15:14:23.0489 2108 [ 269C14D512B74CC28D2812FF7D1EB066 ] MarvinBus C:\WINNT\system32\DRIVERS\MarvinBus.sys
15:14:23.0536 2108 MarvinBus ( UnsignedFile.Multi.Generic ) - warning
15:14:23.0536 2108 MarvinBus - detected UnsignedFile.Multi.Generic (1)
15:14:23.0661 2108 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
15:14:23.0786 2108 MDM - ok
15:14:23.0833 2108 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINNT\System32\msgsvc.dll
15:14:24.0130 2108 Messenger - ok
15:14:24.0255 2108 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
15:14:24.0458 2108 Microsoft Office Groove Audit Service - ok
15:14:24.0505 2108 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINNT\system32\drivers\mnmdd.sys
15:14:24.0755 2108 mnmdd - ok
15:14:24.0802 2108 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINNT\system32\mnmsrvc.exe
15:14:25.0020 2108 mnmsrvc - ok
15:14:25.0083 2108 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINNT\system32\drivers\Modem.sys
15:14:25.0270 2108 Modem - ok
15:14:25.0302 2108 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINNT\system32\DRIVERS\mouclass.sys
15:14:25.0536 2108 Mouclass - ok
15:14:25.0599 2108 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINNT\system32\DRIVERS\mouhid.sys
15:14:25.0770 2108 mouhid - ok
15:14:25.0802 2108 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINNT\system32\drivers\MountMgr.sys
15:14:25.0989 2108 MountMgr - ok
15:14:26.0052 2108 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
15:14:26.0130 2108 MozillaMaintenance - ok
15:14:26.0177 2108 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINNT\system32\DRIVERS\MPE.sys
15:14:26.0442 2108 MPE - ok
15:14:26.0458 2108 mraid35x - ok
15:14:26.0520 2108 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINNT\system32\DRIVERS\mrxdav.sys
15:14:26.0833 2108 MRxDAV - ok
15:14:26.0927 2108 [ FB2FCCC70F7174C7BF64F48E96D3ADF4 ] MRxSmb C:\WINNT\system32\DRIVERS\mrxsmb.sys
15:14:27.0161 2108 MRxSmb - ok
15:14:27.0224 2108 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINNT\system32\msdtc.exe
15:14:27.0427 2108 MSDTC - ok
15:14:27.0489 2108 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINNT\system32\drivers\Msfs.sys
15:14:27.0708 2108 Msfs - ok
15:14:27.0770 2108 [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM C:\WINNT\system32\DRIVERS\MSIRCOMM.sys
15:14:27.0911 2108 MSIRCOMM - ok
15:14:27.0927 2108 MSIServer - ok
15:14:27.0989 2108 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINNT\system32\drivers\MSKSSRV.sys
15:14:28.0255 2108 MSKSSRV - ok
15:14:28.0270 2108 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINNT\system32\drivers\MSPCLOCK.sys
15:14:28.0552 2108 MSPCLOCK - ok
15:14:28.0599 2108 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINNT\system32\drivers\MSPQM.sys
15:14:28.0880 2108 MSPQM - ok
15:14:28.0927 2108 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINNT\system32\DRIVERS\mssmbios.sys
15:14:29.0161 2108 mssmbios - ok
15:14:29.0208 2108 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINNT\system32\drivers\MSTEE.sys
15:14:29.0505 2108 MSTEE - ok
15:14:29.0567 2108 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINNT\system32\drivers\msmpu401.sys
15:14:29.0849 2108 ms_mpu401 - ok
15:14:29.0911 2108 [ C3BBEF8614B90C31367D9DF8D3B81B4C ] multikey C:\WINNT\system32\DRIVERS\multikey.sys
15:14:30.0067 2108 multikey ( UnsignedFile.Multi.Generic ) - warning
15:14:30.0067 2108 multikey - detected UnsignedFile.Multi.Generic (1)
15:14:30.0130 2108 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINNT\system32\drivers\Mup.sys
15:14:30.0583 2108 Mup - ok
15:14:30.0645 2108 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINNT\system32\DRIVERS\NABTSFEC.sys
15:14:30.0942 2108 NABTSFEC - ok
15:14:31.0020 2108 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINNT\System32\qagentrt.dll
15:14:31.0317 2108 napagent - ok
15:14:31.0395 2108 NasPmService - ok
15:14:31.0442 2108 [ 0DA8B8DE4425745D9B6AD21622A3138F ] NA_Service C:\WINNT\system32\NA_Service.exe
15:14:31.0489 2108 NA_Service ( UnsignedFile.Multi.Generic ) - warning
15:14:31.0489 2108 NA_Service - detected UnsignedFile.Multi.Generic (1)
15:14:31.0567 2108 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINNT\system32\drivers\NDIS.sys
15:14:31.0880 2108 NDIS - ok
15:14:31.0895 2108 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINNT\system32\DRIVERS\NdisIP.sys
15:14:32.0114 2108 NdisIP - ok
15:14:32.0161 2108 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINNT\system32\DRIVERS\ndistapi.sys
15:14:32.0474 2108 NdisTapi - ok
15:14:32.0536 2108 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINNT\system32\DRIVERS\ndisuio.sys
15:14:32.0724 2108 Ndisuio - ok
15:14:32.0770 2108 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINNT\system32\DRIVERS\ndiswan.sys
15:14:32.0974 2108 NdisWan - ok
15:14:33.0020 2108 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINNT\system32\drivers\NDProxy.sys
15:14:33.0349 2108 NDProxy - ok
15:14:33.0411 2108 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINNT\system32\DRIVERS\netbios.sys
15:14:33.0630 2108 NetBIOS - ok
15:14:33.0692 2108 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINNT\system32\DRIVERS\netbt.sys
15:14:33.0880 2108 NetBT - ok
15:14:33.0942 2108 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINNT\system32\netdde.exe
15:14:34.0192 2108 NetDDE - ok
15:14:34.0208 2108 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINNT\system32\netdde.exe
15:14:34.0364 2108 NetDDEdsdm - ok
15:14:34.0411 2108 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINNT\system32\lsass.exe
15:14:34.0661 2108 Netlogon - ok
15:14:34.0708 2108 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINNT\System32\netman.dll
15:14:35.0036 2108 Netman - ok
15:14:35.0083 2108 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:14:35.0208 2108 NetTcpPortSharing - ok
15:14:35.0286 2108 [ 4AA50627B01C0E9C6B4C6BD3AF648F12 ] Nla C:\WINNT\System32\mswsock.dll
15:14:35.0380 2108 Nla - ok
15:14:35.0458 2108 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINNT\system32\drivers\Npfs.sys
15:14:35.0708 2108 Npfs - ok
15:14:35.0755 2108 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINNT\system32\drivers\Ntfs.sys
15:14:36.0083 2108 Ntfs - ok
15:14:36.0114 2108 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINNT\system32\lsass.exe
15:14:36.0333 2108 NtLmSsp - ok
15:14:36.0458 2108 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINNT\system32\ntmssvc.dll
15:14:36.0692 2108 NtmsSvc - ok
15:14:36.0739 2108 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINNT\system32\drivers\Null.sys
15:14:36.0895 2108 Null - ok
15:14:36.0942 2108 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINNT\system32\DRIVERS\nwlnkflt.sys
15:14:37.0114 2108 NwlnkFlt - ok
15:14:37.0161 2108 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINNT\system32\DRIVERS\nwlnkfwd.sys
15:14:37.0349 2108 NwlnkFwd - ok
15:14:37.0458 2108 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
15:14:37.0552 2108 odserv - ok
15:14:37.0630 2108 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
15:14:37.0677 2108 ose - ok
15:14:37.0974 2108 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:14:38.0239 2108 osppsvc - ok
15:14:38.0302 2108 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINNT\system32\DRIVERS\parport.sys
15:14:38.0474 2108 Parport - ok
15:14:38.0505 2108 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINNT\system32\drivers\PartMgr.sys
15:14:38.0677 2108 PartMgr - ok
15:14:38.0724 2108 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINNT\system32\drivers\ParVdm.sys
15:14:38.0911 2108 ParVdm - ok
15:14:38.0974 2108 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINNT\system32\DRIVERS\pci.sys
15:14:39.0145 2108 PCI - ok
15:14:39.0161 2108 PCIDump - ok
15:14:39.0161 2108 PCIIde - ok
15:14:39.0224 2108 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINNT\system32\drivers\Pcmcia.sys
15:14:39.0395 2108 Pcmcia - ok
15:14:39.0411 2108 PDCOMP - ok
15:14:39.0427 2108 PDFRAME - ok
15:14:39.0442 2108 PDRELI - ok
15:14:39.0442 2108 PDRFRAME - ok
15:14:39.0458 2108 perc2 - ok
15:14:39.0474 2108 perc2hib - ok
15:14:39.0536 2108 [ F0A7D59AF279326528715B206669B86C ] PlugPlay C:\WINNT\system32\services.exe
15:14:39.0599 2108 PlugPlay - ok
15:14:39.0630 2108 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINNT\system32\lsass.exe
15:14:39.0849 2108 PolicyAgent - ok
15:14:39.0927 2108 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINNT\system32\DRIVERS\raspptp.sys
15:14:40.0161 2108 PptpMiniport - ok
15:14:40.0177 2108 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINNT\system32\lsass.exe
15:14:40.0411 2108 ProtectedStorage - ok
15:14:40.0474 2108 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINNT\system32\DRIVERS\psched.sys
15:14:40.0724 2108 PSched - ok
15:14:40.0770 2108 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINNT\system32\DRIVERS\ptilink.sys
15:14:40.0958 2108 Ptilink - ok
15:14:40.0958 2108 ql1080 - ok
15:14:40.0974 2108 Ql10wnt - ok
15:14:40.0989 2108 ql12160 - ok
15:14:41.0005 2108 ql1240 - ok
15:14:41.0020 2108 ql1280 - ok
15:14:41.0083 2108 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINNT\system32\DRIVERS\rasacd.sys
15:14:41.0255 2108 RasAcd - ok
15:14:41.0317 2108 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINNT\System32\rasauto.dll
15:14:41.0489 2108 RasAuto - ok
15:14:41.0552 2108 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINNT\system32\DRIVERS\rasirda.sys
15:14:41.0692 2108 Rasirda - ok
15:14:41.0739 2108 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINNT\system32\DRIVERS\rasl2tp.sys
15:14:41.0927 2108 Rasl2tp - ok
15:14:42.0005 2108 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINNT\System32\rasmans.dll
15:14:42.0177 2108 RasMan - ok
15:14:42.0239 2108 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINNT\system32\DRIVERS\raspppoe.sys
15:14:42.0411 2108 RasPppoe - ok
15:14:42.0474 2108 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINNT\system32\DRIVERS\raspti.sys
15:14:42.0630 2108 Raspti - ok
15:14:42.0677 2108 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINNT\system32\DRIVERS\rdbss.sys
15:14:42.0849 2108 Rdbss - ok
15:14:42.0895 2108 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINNT\system32\DRIVERS\RDPCDD.sys
15:14:43.0067 2108 RDPCDD - ok
15:14:43.0130 2108 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINNT\system32\DRIVERS\rdpdr.sys
15:14:43.0349 2108 rdpdr - ok
15:14:43.0411 2108 [ FC105DD312ED64EB66BFF111E8EC6EAC ] RDPWD C:\WINNT\system32\drivers\RDPWD.sys
15:14:43.0583 2108 RDPWD - ok
15:14:43.0661 2108 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINNT\system32\sessmgr.exe
15:14:43.0864 2108 RDSessMgr - ok
15:14:43.0911 2108 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINNT\system32\DRIVERS\redbook.sys
15:14:44.0177 2108 redbook - ok
15:14:44.0239 2108 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINNT\System32\mprdim.dll
15:14:44.0505 2108 RemoteAccess - ok
15:14:44.0567 2108 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINNT\system32\regsvc.dll
15:14:44.0833 2108 RemoteRegistry - ok
15:14:44.0864 2108 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINNT\system32\Drivers\RootMdm.sys
15:14:45.0083 2108 ROOTMODEM - ok
15:14:45.0145 2108 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINNT\system32\locator.exe
15:14:45.0317 2108 RpcLocator - ok
15:14:45.0364 2108 [ D3D765E8455A961AE567B408F767D4F9 ] RpcSs C:\WINNT\system32\rpcss.dll
15:14:45.0458 2108 RpcSs - ok
15:14:45.0520 2108 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINNT\system32\rsvp.exe
15:14:45.0692 2108 RSVP - ok
15:14:45.0849 2108 [ 22814B17E3576A99A4D8BEFA90DAE144 ] s7asysvx C:\Programme\Siemens\Step7\S7BIN\s7asysvx.exe
15:14:45.0989 2108 s7asysvx ( UnsignedFile.Multi.Generic ) - warning
15:14:45.0989 2108 s7asysvx - detected UnsignedFile.Multi.Generic (1)
15:14:46.0036 2108 [ F4E4348F0ECC78A61A190E447EB2467D ] s7oefs_x C:\WINNT\System32\drivers\s7oefs_x.sys
15:14:46.0067 2108 s7oefs_x ( UnsignedFile.Multi.Generic ) - warning
15:14:46.0067 2108 s7oefs_x - detected UnsignedFile.Multi.Generic (1)
15:14:46.0192 2108 [ B4BD6A196FD9D387B0A3557CDB0B7FE7 ] s7oiehsx C:\Programme\Gemeinsame Dateien\Siemens\S7IEPG\s7oiehsx.exe
15:14:46.0239 2108 s7oiehsx ( UnsignedFile.Multi.Generic ) - warning
15:14:46.0239 2108 s7oiehsx - detected UnsignedFile.Multi.Generic (1)
15:14:46.0302 2108 [ BFFBF7D7F91C470E8247065D5072BFEE ] s7osmcax C:\WINNT\System32\Drivers\s7osmcax.sys
15:14:46.0333 2108 s7osmcax ( UnsignedFile.Multi.Generic ) - warning
15:14:46.0333 2108 s7osmcax - detected UnsignedFile.Multi.Generic (1)
15:14:46.0427 2108 [ C56D6405ECA741718A627ECEAA2ED7AD ] s7otranx C:\WINNT\System32\Drivers\S7otranx.sys
15:14:46.0505 2108 s7otranx ( UnsignedFile.Multi.Generic ) - warning
15:14:46.0505 2108 s7otranx - detected UnsignedFile.Multi.Generic (1)
15:14:46.0552 2108 [ 97CC8A8D06071921A42114CF16200A5B ] s7snsrtx C:\WINNT\system32\DRIVERS\s7snsrtx.sys
15:14:46.0583 2108 s7snsrtx ( UnsignedFile.Multi.Generic ) - warning
15:14:46.0583 2108 s7snsrtx - detected UnsignedFile.Multi.Generic (1)
15:14:46.0614 2108 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINNT\system32\lsass.exe
15:14:46.0770 2108 SamSs - ok
15:14:46.0833 2108 [ F5A633609777C212EC5FF19927FC5955 ] ScanUSBEMPIA C:\WINNT\system32\DRIVERS\emScan.sys
15:14:46.0864 2108 ScanUSBEMPIA - ok
15:14:46.0927 2108 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINNT\System32\SCardSvr.exe
15:14:47.0114 2108 SCardSvr - ok
15:14:47.0177 2108 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINNT\system32\schedsvc.dll
15:14:47.0380 2108 Schedule - ok
15:14:47.0536 2108 [ 255085398DBB66FD3E0BC2739E9FB8C5 ] scpdrv C:\PROGRAMME\GEMEINSAME DATEIEN\SIEMENS\SWS\PLUGINS\SCP\scpdrv.sys
15:14:47.0583 2108 scpdrv ( UnsignedFile.Multi.Generic ) - warning
15:14:47.0583 2108 scpdrv - detected UnsignedFile.Multi.Generic (1)
15:14:47.0630 2108 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINNT\system32\DRIVERS\secdrv.sys
15:14:47.0739 2108 Secdrv - ok
15:14:47.0770 2108 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINNT\System32\seclogon.dll
15:14:47.0958 2108 seclogon - ok
15:14:47.0974 2108 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINNT\system32\sens.dll
15:14:48.0208 2108 SENS - ok
15:14:48.0270 2108 [ B490AD520257DDA26C1D587A71E527B5 ] Ser2pl C:\WINNT\system32\DRIVERS\ser2pl.sys
15:14:48.0411 2108 Ser2pl - ok
15:14:48.0427 2108 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINNT\system32\DRIVERS\serenum.sys
15:14:48.0661 2108 serenum - ok
15:14:48.0708 2108 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINNT\system32\DRIVERS\serial.sys
15:14:48.0942 2108 Serial - ok
15:14:48.0974 2108 [ E8F3E51DA8098201F50678CEC5FCE179 ] sermouse C:\WINNT\system32\DRIVERS\sermouse.sys
15:14:49.0255 2108 sermouse - ok
15:14:49.0349 2108 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINNT\system32\DRIVERS\sfloppy.sys
15:14:49.0599 2108 Sfloppy - ok
15:14:49.0661 2108 [ F96D196D81A92A6C55178F3F49B227A1 ] SharedAccess C:\WINNT\System32\ipnathlp.dll
15:14:49.0911 2108 SharedAccess - ok
15:14:49.0989 2108 [ 927666F4228E3FBBC3D1171581DC8BDC ] ShellHWDetection C:\WINNT\System32\shsvcs.dll
15:14:50.0083 2108 ShellHWDetection - ok
15:14:50.0099 2108 Simbad - ok
15:14:50.0145 2108 [ 70D7480EBA6E5D2A1687809324237D98 ] slabbus C:\WINNT\system32\DRIVERS\slabbus.sys
15:14:50.0317 2108 slabbus - ok
15:14:50.0349 2108 [ 044C01804923A37E771A2B9750406979 ] slabser C:\WINNT\system32\DRIVERS\slabser.sys
15:14:50.0442 2108 slabser - ok
15:14:50.0489 2108 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINNT\system32\DRIVERS\SLIP.sys
15:14:50.0677 2108 SLIP - ok
15:14:50.0739 2108 [ BE3447EBEFCDFF5F4448F7C8718991B6 ] SNTIE C:\WINNT\system32\DRIVERS\sntie.sys
15:14:50.0770 2108 SNTIE ( UnsignedFile.Multi.Generic ) - warning
15:14:50.0770 2108 SNTIE - detected UnsignedFile.Multi.Generic (1)
15:14:50.0786 2108 Sparrow - ok
15:14:50.0802 2108 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINNT\system32\drivers\splitter.sys
15:14:50.0958 2108 splitter - ok
15:14:51.0020 2108 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINNT\system32\spoolsv.exe
15:14:51.0145 2108 Spooler - ok
15:14:51.0239 2108 [ B7A8148CA23C6A55712002ED317A75D9 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
15:14:51.0380 2108 SpyHunter 4 Service - ok
15:14:51.0442 2108 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINNT\system32\DRIVERS\sr.sys
15:14:51.0552 2108 sr - ok
15:14:51.0583 2108 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINNT\system32\srsvc.dll
15:14:51.0708 2108 srservice - ok
15:14:51.0786 2108 [ 9B390283569EA58D43D2586032B892F5 ] Srv C:\WINNT\system32\DRIVERS\srv.sys
15:14:52.0005 2108 Srv - ok
15:14:52.0067 2108 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINNT\System32\ssdpsrv.dll
15:14:52.0192 2108 SSDPSRV - ok
15:14:52.0255 2108 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINNT\system32\wiaservc.dll
15:14:52.0489 2108 stisvc - ok
15:14:52.0552 2108 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINNT\system32\DRIVERS\StreamIP.sys
15:14:52.0724 2108 streamip - ok
15:14:52.0770 2108 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINNT\system32\DRIVERS\swenum.sys
15:14:52.0942 2108 swenum - ok
15:14:52.0989 2108 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINNT\system32\drivers\swmidi.sys
15:14:53.0161 2108 swmidi - ok
15:14:53.0177 2108 SwPrv - ok
15:14:53.0177 2108 symc810 - ok
15:14:53.0192 2108 symc8xx - ok
15:14:53.0208 2108 sym_hi - ok
15:14:53.0224 2108 sym_u3 - ok
15:14:53.0255 2108 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINNT\system32\drivers\sysaudio.sys
15:14:53.0474 2108 sysaudio - ok
15:14:53.0505 2108 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINNT\system32\smlogsvc.exe
15:14:53.0755 2108 SysmonLog - ok
15:14:53.0802 2108 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINNT\System32\tapisrv.dll
15:14:54.0052 2108 TapiSrv - ok
15:14:54.0130 2108 [ AD978A1B783B5719720CFF204B666C8E ] Tcpip C:\WINNT\system32\DRIVERS\tcpip.sys
15:14:54.0224 2108 Tcpip - ok
15:14:54.0255 2108 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINNT\system32\drivers\TDPIPE.sys
15:14:54.0505 2108 TDPIPE - ok
15:14:54.0536 2108 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINNT\system32\drivers\TDTCP.sys
15:14:54.0755 2108 TDTCP - ok
15:14:54.0817 2108 [ 88155247177638048422893737429D9E ] TermDD C:\WINNT\system32\DRIVERS\termdd.sys
15:14:54.0974 2108 TermDD - ok
15:14:55.0036 2108 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINNT\System32\termsrv.dll
15:14:55.0208 2108 TermService - ok
15:14:55.0224 2108 [ 927666F4228E3FBBC3D1171581DC8BDC ] Themes C:\WINNT\System32\shsvcs.dll
15:14:55.0270 2108 Themes - ok
15:14:55.0333 2108 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINNT\system32\tlntsvr.exe
15:14:55.0474 2108 TlntSvr - ok
15:14:55.0489 2108 TosIde - ok
15:14:55.0552 2108 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINNT\system32\trkwks.dll
15:14:55.0708 2108 TrkWks - ok
15:14:55.0770 2108 [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] TVicPort C:\WINNT\system32\drivers\TVicPort.sys
15:14:55.0833 2108 TVicPort ( UnsignedFile.Multi.Generic ) - warning
15:14:55.0833 2108 TVicPort - detected UnsignedFile.Multi.Generic (1)
15:14:55.0895 2108 [ D85938F272D1BCF3DB3A31FC0A048928 ] uagp35 C:\WINNT\system32\DRIVERS\uagp35.sys
15:14:56.0067 2108 uagp35 - ok
15:14:56.0130 2108 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINNT\system32\drivers\Udfs.sys
15:14:56.0302 2108 Udfs - ok
15:14:56.0427 2108 [ B7A165DDC6B2C8ACCFD5986933940285 ] UI Assistant Service C:\Programme\ZTE Join Air\AssistantServices.exe
15:14:56.0442 2108 UI Assistant Service ( UnsignedFile.Multi.Generic ) - warning
15:14:56.0458 2108 UI Assistant Service - detected UnsignedFile.Multi.Generic (1)
15:14:56.0458 2108 ultra - ok
15:14:56.0536 2108 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINNT\system32\DRIVERS\update.sys
15:14:56.0755 2108 Update - ok
15:14:56.0817 2108 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINNT\System32\upnphost.dll
15:14:56.0927 2108 upnphost - ok
15:14:56.0958 2108 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINNT\System32\ups.exe
15:14:57.0130 2108 UPS - ok
15:14:57.0161 2108 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINNT\system32\drivers\usbaudio.sys
15:14:57.0349 2108 usbaudio - ok
15:14:57.0395 2108 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINNT\system32\DRIVERS\usbccgp.sys
15:14:57.0583 2108 usbccgp - ok
15:14:57.0645 2108 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINNT\system32\DRIVERS\usbehci.sys
15:14:57.0911 2108 usbehci - ok
15:14:57.0958 2108 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINNT\system32\DRIVERS\usbhub.sys
15:14:58.0208 2108 usbhub - ok
15:14:58.0270 2108 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINNT\system32\DRIVERS\usbprint.sys
15:14:58.0489 2108 usbprint - ok
15:14:58.0552 2108 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINNT\system32\DRIVERS\usbscan.sys
15:14:59.0052 2108 usbscan - ok
15:14:59.0114 2108 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINNT\system32\DRIVERS\USBSTOR.SYS
15:14:59.0317 2108 USBSTOR - ok
15:14:59.0333 2108 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINNT\system32\DRIVERS\usbuhci.sys
15:14:59.0536 2108 usbuhci - ok
15:14:59.0583 2108 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINNT\system32\Drivers\usbvideo.sys
15:14:59.0802 2108 usbvideo - ok
15:14:59.0864 2108 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINNT\System32\drivers\vga.sys
15:15:00.0036 2108 VgaSave - ok
15:15:00.0083 2108 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINNT\system32\DRIVERS\viaagp1.sys
15:15:00.0208 2108 viaagp1 - ok
15:15:00.0239 2108 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINNT\system32\DRIVERS\viaide.sys
15:15:00.0411 2108 ViaIde - ok
15:15:00.0458 2108 [ F199939205DCCC7836AE5AB8B5DD5E83 ] viamraid C:\WINNT\system32\DRIVERS\viamraid.sys
15:15:00.0552 2108 viamraid - ok
15:15:00.0552 2108 VMUVC - ok
15:15:00.0614 2108 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINNT\system32\drivers\VolSnap.sys
15:15:00.0817 2108 VolSnap - ok
15:15:00.0849 2108 [ 1C8A783E90C34D205596F1AB4A97E261 ] vsbus C:\WINNT\system32\DRIVERS\vsb.sys
15:15:00.0880 2108 vsbus ( UnsignedFile.Multi.Generic ) - warning
15:15:00.0880 2108 vsbus - detected UnsignedFile.Multi.Generic (1)
15:15:00.0911 2108 [ 3377DAA1CB8CAC46A538C236F5F3D58F ] vserial C:\WINNT\system32\DRIVERS\vserial.sys
15:15:00.0927 2108 vserial ( UnsignedFile.Multi.Generic ) - warning
15:15:00.0927 2108 vserial - detected UnsignedFile.Multi.Generic (1)
15:15:00.0989 2108 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINNT\System32\vssvc.exe
15:15:01.0114 2108 VSS - ok
15:15:01.0114 2108 vvftUVC - ok
15:15:01.0192 2108 [ 39247D93BE13E0C67A996A837EAB8E02 ] W32Time C:\WINNT\system32\w32time.dll
15:15:01.0317 2108 W32Time - ok
15:15:01.0364 2108 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINNT\system32\DRIVERS\wanarp.sys
15:15:01.0536 2108 Wanarp - ok
15:15:01.0536 2108 WDICA - ok
15:15:01.0599 2108 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINNT\system32\drivers\wdmaud.sys
15:15:01.0755 2108 wdmaud - ok
15:15:01.0802 2108 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINNT\System32\webclnt.dll
15:15:01.0974 2108 WebClient - ok
15:15:02.0052 2108 [ 451F905BC7BFF9E1CFF2E7AE76196B2C ] WinDriver6 C:\WINNT\system32\drivers\windrvr6.sys
15:15:02.0067 2108 WinDriver6 ( UnsignedFile.Multi.Generic ) - warning
15:15:02.0067 2108 WinDriver6 - detected UnsignedFile.Multi.Generic (1)
15:15:02.0192 2108 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINNT\system32\wbem\WMIsvc.dll
15:15:02.0349 2108 winmgmt - ok
15:15:02.0427 2108 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN C:\WINNT\system32\mspmsnsv.dll
15:15:02.0692 2108 WmdmPmSN - ok
15:15:02.0755 2108 [ 57FA31A965D8FC3172641A93618FBE9E ] Wmi C:\WINNT\System32\advapi32.dll
15:15:02.0958 2108 Wmi - ok
15:15:03.0036 2108 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINNT\system32\wbem\wmiapsrv.exe
15:15:03.0255 2108 WmiApSrv - ok
15:15:03.0427 2108 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINNT\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:15:03.0536 2108 WPFFontCache_v0400 - ok
15:15:03.0614 2108 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINNT\system32\wscsvc.dll
15:15:03.0849 2108 wscsvc - ok
15:15:03.0864 2108 WSearch - ok
15:15:03.0942 2108 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINNT\system32\DRIVERS\WSTCODEC.SYS
15:15:04.0177 2108 WSTCODEC - ok
15:15:04.0239 2108 [ AAE1A6FFBA2B0436E91795120F48C461 ] wuauserv C:\WINNT\system32\wuauserv.dll
15:15:04.0317 2108 wuauserv - ok
15:15:04.0395 2108 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINNT\System32\wzcsvc.dll
15:15:04.0645 2108 WZCSVC - ok
15:15:04.0724 2108 [ E22DF15AF05E35A8263D03E6B375090A ] XHASP c:\winnt\system32\drivers\XHASP.sys
15:15:04.0770 2108 XHASP ( UnsignedFile.Multi.Generic ) - warning
15:15:04.0786 2108 XHASP - detected UnsignedFile.Multi.Generic (1)
15:15:04.0833 2108 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINNT\System32\xmlprov.dll
15:15:05.0036 2108 xmlprov - ok
15:15:05.0083 2108 [ 4692A3E087CF018808F376A3CC2128FA ] ZTEusbmdm6k C:\WINNT\system32\DRIVERS\ZTEusbmdm6k.sys
15:15:05.0192 2108 ZTEusbmdm6k - ok
15:15:05.0224 2108 [ 4692A3E087CF018808F376A3CC2128FA ] ZTEusbnmea C:\WINNT\system32\DRIVERS\ZTEusbnmea.sys
15:15:05.0270 2108 ZTEusbnmea - ok
15:15:05.0317 2108 [ 4692A3E087CF018808F376A3CC2128FA ] ZTEusbser6k C:\WINNT\system32\DRIVERS\ZTEusbser6k.sys
15:15:05.0364 2108 ZTEusbser6k - ok
15:15:05.0380 2108 ================ Scan global ===============================
15:15:05.0442 2108 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINNT\system32\basesrv.dll
15:15:05.0520 2108 [ 77A50BBD2A1CD6D54A876BB63570E2A8 ] C:\WINNT\system32\winsrv.dll
15:15:05.0614 2108 [ 77A50BBD2A1CD6D54A876BB63570E2A8 ] C:\WINNT\system32\winsrv.dll
15:15:05.0677 2108 [ F0A7D59AF279326528715B206669B86C ] C:\WINNT\system32\services.exe
15:15:05.0692 2108 [Global] - ok
15:15:05.0692 2108 ================ Scan MBR ==================================
15:15:05.0724 2108 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
15:15:06.0005 2108 \Device\Harddisk0\DR0 - ok
15:15:06.0005 2108 ================ Scan VBR ==================================
15:15:06.0020 2108 [ B68C632C269CABE67BA14094EA6B1813 ] \Device\Harddisk0\DR0\Partition1
15:15:06.0020 2108 \Device\Harddisk0\DR0\Partition1 - ok
15:15:06.0020 2108 ============================================================
15:15:06.0020 2108 Scan finished
15:15:06.0020 2108 ============================================================
15:15:06.0130 1760 Detected object count: 31
15:15:06.0130 1760 Actual detected object count: 31
15:15:40.0317 1760 ACEDRV05 ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0317 1760 ACEDRV05 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0317 1760 actser ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0317 1760 actser ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0317 1760 almservice ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0317 1760 almservice ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0333 1760 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0333 1760 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0333 1760 CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0333 1760 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0333 1760 Dpmtrcdd ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0333 1760 Dpmtrcdd ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0333 1760 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0333 1760 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0349 1760 Haspnt ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0349 1760 Haspnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0349 1760 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0349 1760 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0349 1760 InCDfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0349 1760 InCDfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0349 1760 InCDPass ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0349 1760 InCDPass ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0349 1760 InCDrec ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0349 1760 InCDrec ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0349 1760 incdrm ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0349 1760 incdrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0364 1760 InCDsrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0364 1760 InCDsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0364 1760 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0364 1760 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0364 1760 multikey ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0364 1760 multikey ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0380 1760 NA_Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0380 1760 NA_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0380 1760 s7asysvx ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0380 1760 s7asysvx ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0380 1760 s7oefs_x ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0380 1760 s7oefs_x ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0380 1760 s7oiehsx ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0380 1760 s7oiehsx ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0395 1760 s7osmcax ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0395 1760 s7osmcax ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0395 1760 s7otranx ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0395 1760 s7otranx ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0395 1760 s7snsrtx ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0395 1760 s7snsrtx ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0411 1760 scpdrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0411 1760 scpdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0411 1760 SNTIE ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0411 1760 SNTIE ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0411 1760 TVicPort ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0411 1760 TVicPort ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0411 1760 UI Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0411 1760 UI Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0427 1760 vsbus ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0427 1760 vsbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0427 1760 vserial ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0427 1760 vserial ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0427 1760 WinDriver6 ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0427 1760 WinDriver6 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:15:40.0442 1760 XHASP ( UnsignedFile.Multi.Generic ) - skipped by user
15:15:40.0442 1760 XHASP ( UnsignedFile.Multi.Generic ) - User select action: Skip


Kind regards, HS77

14.12.2012, 16:11   #9
markusg
/// Malware-holic
 
Hi,
ComboFix:
ComboFix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download ComboFix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save ComboFix to your desktop.
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with ComboFix while it works.
Start Combofix.exe and follow the instructions on the screen.

When ComboFix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. That should fix the problem.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails, following the instructions above, to
markusg.trojaner-board@web.de
If you would like to support us

14.12.2012, 19:13   #10
hs77
 

Hello,
Here is the ComboFix log.

Kind regards, HS77

14.12.2012, 19:23   #11
markusg
/// Malware-holic
 

Hi,
download CCleaner Standard:
CCleaner Download - CCleaner 3.25.1872
If CCleaner is already installed, skip this step.
Install it, open it, go to Tools, list of installed programs, save it as a txt file, and open that file.
After each program you need, write "necessary" (notwendig).
After each program you do not need, write "unnecessary" (unnötig).
After each program you do not know, write "unknown" (unbekannt).
Post the list.

14.12.2012, 20:48   #12
hs77
 

Hier die Liste:
Adobe Dreamweaver CS3 Adobe Systems Incorporated 25.03.2008 9.0 UNNOETIG
Adobe Reader 9.5.2 - Deutsch Adobe Systems Incorporated 12.09.2012 121,00MB 9.5.2 NOTWENDIG
AIDA32 v3.93 Tamas Miklos 14.12.2012
AltistartDtmLibrary Schneider Electric 28.02.2012 4,24MB 3.0.6 NOTWENDIG
AltivarDtmLibrary Schneider Electric 28.02.2012 5,44MB 4.0.6 NOTWENDIG
AnswerWorks Runtime 15.09.2012 UNBEKANNT
Arts & Letters EXPRESS 7 Office 14.12.2012 UNNOETIG
ATI - Dienstprogramm zur Deinstallation der Software 01.12.2009 6.14.10.1022 UNBEKANNT
ATI AVIVO Codecs ATI Technologies Inc. 01.12.2009 2,20MB 10.9.0.40813 UNBEKANNT
ATI Display Driver 01.12.2009 8.062-040929a-018116C-ATI NOTWENDIG
AutoCAD LT 2002 - Deutsch Autodesk 20.04.2005 156,00MB 15.0.6.030 NOTWENDIG
Automation License Manager V2.2 + HF2 Professional Siemens AG 27.01.2010 12,13MB 02.02.0002 NOTWENDIG
Avanquest Partition Commander 11 Avanquest 07.09.2012 118,00MB 90.00.0003 NOTWENDIG
AVRStudio4 Atmel 22.12.2008 4.15.623 NOTWENDIG
BASCOM-AVR MCS Electronics 16.06.2010 1.11.9.8 NOTWENDIG
Bilder-CD für Fachkunde Elektrotechnik, 25. Auflage - Einzelliz Verlag Europa-Lehrmittel 17.12.2008 NOTWENDIG
Brother P-touch Editor 5.0 Brother Industries, Ltd. 11.10.2012 27,37MB 5.0.2200 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Anlage #1 [DEU] Brother Industries, Ltd. 11.10.2012 0,05MB 1.0.001 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Arztpraxis #2 [DEU] Brother Industries, Ltd. 11.10.2012 0,05MB 1.0.001 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Feiertag #1 [DEU] Brother Industries, Ltd. 11.10.2012 0,11MB 1.0.001 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Halloween [DEU] Brother Industries, Ltd. 11.10.2012 0,10MB 1.0.001 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Kalender #1 [DEU] Brother Industries, Ltd. 11.10.2012 0,05MB 1.0.001 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Persönlich #3 [DEU] Brother Industries, Ltd. 11.10.2012 0,09MB 1.0.001 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Valentinstag [DEU] Brother Industries, Ltd. 11.10.2012 0,09MB 1.0.001 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Vertrieb #3 [DEU] Brother Industries, Ltd. 11.10.2012 0,15MB 1.0.001 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Vertrieb #4 [DEU] Brother Industries, Ltd. 11.10.2012 0,11MB 1.0.001 NOTWENDIG
Brother P-touch Editor Etikettenvorlagen - Weihnachten [DEU] Brother Industries, Ltd. 11.10.2012 0,19MB 1.0.001 NOTWENDIG
Brother P-touch Editor Version 4.0 Brother Industries, Ltd. 23.08.2006 4.0.017 NOTWENDIG
Brother P-touch Update Software Brother Industries, Ltd. 28.02.2012 2,79MB 1.0.0041 NOTWENDIG
BUFFALO NAS Navigator2 27.05.2012 UNBEKANNT
C-Media 3D Audio 16.11.2011 UNBEKANNT
CA 01 - der interaktive Katalog von Industry Automation and Drive Technologies 10-2009 Deutsch SIEMENS AG 18.02.2010 NOTWENDIG 24.00.0001
Canon Camera Access Library Canon Inc. 05.09.2011 8.5.0.2 NOTWENDIG
CANON iMAGE GATEWAY MyCamera Download Plugin Canon Inc. 05.09.2011 3.1.1.2 NOTWENDIG
CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Inc. 07.10.2011 1.9.0.9 NOTWENDIG
Canon iP4600 series Benutzerregistrierung 08.09.2011 NOTWENDIG
Canon iP4600 series Printer Driver 12.09.2011 NOTWENDIG
Canon MOV Decoder Canon Inc. 05.09.2011 1.8.0.7 NOTWENDIG
Canon MOV Encoder Canon Inc. 05.09.2011 1.7.0.3 NOTWENDIG
Canon MovieEdit Task for ZoomBrowser EX Canon Inc. 07.10.2011 3.8.0.5 NOTWENDIG
Canon Utilities CameraWindow DC 8 Canon Inc. 05.09.2011 8.5.0.7 NOTWENDIG
Canon Utilities CameraWindow Launcher Canon Inc. 05.09.2011 7.5.0.2 NOTWENDIG
Canon Utilities Movie Uploader for YouTube Canon Inc. 05.09.2011 1.2.0.7 NOTWENDIG
Canon Utilities MyCamera Canon Inc. 05.09.2011 7.4.0.2 NOTWENDIG
Canon Utilities PhotoStitch Canon Inc. 05.09.2011 3.1.22.46 NOTWENDIG
Canon Utilities ZoomBrowser EX Canon Inc. 07.10.2011 6.7.2.33 NOTWENDIG
Canon ZoomBrowser EX Memory Card Utility Canon Inc. 05.09.2011 1.5.1.10 NOTWENDIG
CCleaner Piriform 25.11.2012 3.25 NOTWENDIG
Crystal Reports for .NET Framework 2.0 (x86) Business Objects 21.09.2010 35,71MB 10.2.0 UNBEKANNT
Crystal Reports für .NET Framework 2.0 Language Pack (x86) - DEU Business Objects 21.09.2010 4,49MB 10.2.0 UNBEKANNT
DataView Chauvin Arnoux 17.11.2009 2.06.0020 NOTWENDIG
doPDF 7.0 printer Softland 27.06.2011 NOTWENDIG
Electric Testing Center 01.34.00 GMC-I Messtechnik GmbH 21.09.2012 01.34.00 NOTWENDIG
ELEKTROmanagerProfessional 7F08, 01.08.2010 MEBEDO GmbH 27.06.2011 7F08, 01.08.2010 NOTWENDIG
es control 2.2 professional DEMO CH. BEHA GmbH Germany 23.04.2009 50,42MB 2.02.0002 UNNOETIG
es control 2.5 professional BEHA-AMPROBE GmbH 17.06.2009 131,00MB 2.05.0002 NOTWENDIG
Farnell InOne CD Catalogue v2.00 Farnell InOne 16.03.2005 2.00.0000 UNNOETIG
Festo - Produktkatalog Festo 23.03.2010 2.857,00MB 3.2010.1113 UNNOETIG
Festo Configurator Version 52.20 Festo AG & Co. 18.02.2010 Festo Configurator Version 52.20 UNNOETIG
Firebird 2.5.1.26351 (Win32) Firebird Project 04.10.2012 2.5.1.26351 UNBEKANNT
FlukeView Forms 19.07.2012 UNNOETIG
FlukeViewFormsVcRedist Fluke 19.07.2012 4,44MB 9.0.21022 UNNOETIG
Freeware.de Toolbar Freeware.de 13.08.2012 6.9.0.16 UNNOETIG
FTDI USB Serial Converter Drivers 15.02.2012 NOTWENDIG
GeoGebra 4 International GeoGebra Institute 07.02.2012 UNBEKANNT
GIMP 2.6.11 The GIMP Team 30.08.2011 2.6.11 NOTWENDIG
GMC-I Driver Control 1.13.00 GMC-I Messtechnik GmbH 21.09.2012 1.13.00 NOTWENDIG
Google Earth Google 06.05.2011 84,68MB 6.0.2.2074 UNNOETIG
Hardlock Device Driver 15.09.2012 UNBEKANNT
HDClone 4.1 Free Edition 05.09.2012 UNBEKANNT
HEROLD Telefonbuch CD home + route HEROLD Business Data GmbH 29.01.2008 UNNOETIG
hp deskjet 970c series 24.11.2005 NOTWENDIG
hp deskjet 970c series (nur entfernen) 24.11.2005 NOTWENDIG
iDim 2.0 CPi GmbH. 21.09.2012 2.0 NOTWENDIG
ImgBurn LIGHTNING UK! 29.11.2012 2.5.7.0 NOTWENDIG
InterBase 6.0 22.06.2005 NOTWENDIG
iPlanSchema 5.0 CPi GmbH. 21.09.2010 5.0 NOTWENDIG
Java(TM) 6 Update 24 Oracle 24.02.2011 90,88MB 6.0.240 UNBEKANNT
Join Air ZTE 15.02.2010 1.0.0.1 NOTWENDIG
KOMPASS Digital Map Tirol KOMPASS Karten GmbH 10.06.2011 NOTWENDIG
L&H TTS3000 Deutsch UNBEKANNT
Lernout & Hauspie TruVoice American English TTS Engine UNBEKANNT
LexiumDTMLibrary Schneider Electric 28.02.2012 0,02MB 1.03.0300 UNBEKANNT
LOGO!Soft Comfort V3.1 15.09.2012 UNNOETIG
LOGO!Soft Comfort V5.0 Siemens AG 02.05.2005 5.0.0.0 UNNOETIG
LOGO!Soft Comfort V6.1 Siemens AG 05.01.2009 6.1.0.0 NOTWENDIG
LOGO!Soft Comfort V7.0 Siemens AG 08.11.2012 7.0.0.0 NOTWENDIG
LOGOSoft Comfort V4.0 Siemens AG 14.03.2005 4.0.0.0 UNNOETIG
Lotus SmartSuite Version 9.5 25.02.2005 NOTWENDIG
Malwarebytes Anti-Malware Version 1.65.1.1000 Malwarebytes Corporation 05.12.2012 1.65.1.1000 NOTWENDIG
maxx PDFMAILER Professional gotomaxx GmbH 09.03.2005 6,66MB 3.0.17 NOTWENDIG
MEBEDO ELEKTROmanagerProfessional8 8F03 MEBEDO GmbH 04.10.2012 8F03 NOTWENDIG
MicroCapture 2.5 05.03.2012 2.5 NOTWENDIG
Microsoft .NET Framework 1.1 06.04.2011 UNBEKANNT
Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 11.08.2011 1.375,00MB 2.2.30729 UNBEKANNT
Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 05.04.2011 311,00MB 3.2.30729 UNBEKANNT
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 05.04.2011 UNBEKANNT
Microsoft AutoRoute v11.0 Microsoft Corporation 11.06.2007 320,00MB 11.00.18.1900 UNBEKANNT
Microsoft Office Enterprise 2007 Microsoft Corporation 13.10.2011 12.0.6425.1000 NOTWENDIG
Microsoft Office Home and Business 2010 Microsoft Corporation 04.04.2011 14.0.4763.1000 NOTWENDIG
Microsoft Office Project Professional 2007 Microsoft Corporation 15.09.2011 12.0.6425.1000 NOTWENDIG
Microsoft Office SharePoint Designer 2007 Microsoft Corporation 15.09.2011 12.0.6425.1000 NOTWENDIG
Microsoft Office Visio Professional 2007 Microsoft Corporation 15.09.2011 12.0.6425.1000 NOTWENDIG
Microsoft Silverlight Microsoft Corporation 22.08.2012 187,00MB 4.1.10329.0 NOTWENDIG
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 04.04.2011 0,11MB 8.0.50727.4053 NOTWENDIG
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 28.02.2012 4,61MB 8.0.56336 NOTWENDIG
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 19.05.2011 10,20MB 9.0.30729.5570 NOTWENDIG
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 26.08.2010 10,19MB 9.0.30729.4148 NOTWENDIG
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 10,20MB 9.0.30729.6161 NOTWENDIG
Microsoft Windows Media Video 9 VCM 15.10.2009 UNBEKANNT
Mobile Modem Assistant 29.08.2006 1.00.000 UNBEKANNT
Mobile Phone Manager BenQ Mobile GmbH & Co. OHG 29.08.2006 4.05.51.11.2.2 UNBEKANNT
Mozilla Firefox 17.0.1 (x86 de) Mozilla 04.12.2012 17.0.1 NOTWENDIG
Mozilla Maintenance Service Mozilla 04.12.2012 17.0.1 NOTWENDIG
MProg 3.0a 10.06.2010 UNBEKANNT
MSI to redistribute MS VS2005 CRT libraries The Firebird Project 27.06.2011 1,58MB 8.0.50727.42 UNBEKANNT
MSXML 4.0 SP2 Parser and SDK Microsoft Corporation 15.10.2009 5,05MB 4.20.9818.0 UNBEKANNT
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 04.04.2011 2,94MB 4.30.2107.0 UNBEKANNT
MuM Symbolbibliotheken für AutoCAD 20.04.2005 NOTWENDIG
MuM Symbolbibliotheken für MS Office 20.04.2005 NOTWENDIG
Nero Suite 03.03.2005 NOTWENDIG
PARTcommunity 3D Web Viewer CADENAS 12.10.2012 1,79MB 1.0.36.11 UNKNOWN
PCSoft Schneider Toshiba Inverter 12.04.2012 48,77MB 01.07.0 NECESSARY
PDF-XChange 3 Tracker Software 17.11.2009 NECESSARY
PL-2303 USB-to-Serial NECESSARY
PowerDVD 28.02.2005 NECESSARY
PowerSuite Launch Atv61Atv71PLUS Schneider Electric 15.02.2012 377,00MB 02.61 NECESSARY
QualiStar View V2.2 METRIX 22.08.2007 6,08MB 2.2 NECESSARY
QuickTime 07.03.2012 UNKNOWN
SA MODBUS Driver Schneider Automation 15.02.2012 1.8 UNKNOWN
Samsung USB Driver 19.07.2012 UNKNOWN
SAT 100 Basic 28.03.2012 UNNECESSARY
Schneider Electric Modbus Communication DTM Library Schneider Electric 28.02.2012 18,43MB 2.0.2 NECESSARY
Security Update for Windows Search 4 - KB963093 Microsoft Corporation 04.04.2011
Setup-Start von Microsoft Works 2004 11.06.2007 UNKNOWN
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista Silicon Laboratories, Inc. 05.01.2009 4.40 UNKNOWN
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista_2 (c:\SiLabs\MCU_2) Silicon Laboratories, Inc. 24.03.2009 5.30 UNKNOWN
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 Silicon Laboratories, Inc. 13.09.2012 6.2.00 UNKNOWN
SIMATIC STEP 7 V5.4 + SP1 Professional Siemens AG 27.01.2010 366,00MB 05.04.0000 NECESSARY
SITRAINonCD Siemens AG A&D PT 5 18.02.2010 97,56MB 13.0.0 NECESSARY
SmartSync 29.08.2006 NECESSARY
SoMove Lite Schneider Electric 28.02.2012 68,24MB 1.4.1.0 NECESSARY
TAPPS 1.29 DE 31.10.2012 NECESSARY
TeSysDTMLibrary Schneider Electric 28.02.2012 0,30MB 2.1.0.0 NECESSARY
TRUETZSCHLER Ersatzteil-Katalog (DE) 10.10.2011 NECESSARY
TRUETZSCHLER Spare Parts Manual (EN) 10.10.2011 NECESSARY
TrySim 15.03.2005 UNKNOWN
VFD Setup Software 14.12.2012 NECESSARY
VFD Setup Software(SW2) MITSUBISHI ELECTRIC CORPORATION 11.01.2008 1.03.0012 NECESSARY
VLC media player 2.0.0 VideoLAN 08.03.2012 2.0.0 UNKNOWN
VPlus User Interface BONFIGLIOLI Vectron GmbH 22.07.2008 11,60MB 3.03 NECESSARY
vrt-disk 2006 ECA 05.07.2012 1.04.0000 NECESSARY
WIDCOMM Bluetooth Software WIDCOMM, Inc. 31.10.2012 17,99MB 5.5.0.3200 NECESSARY
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) FTDI 10.06.2010 03/13/2008 2.04.06 NECESSARY
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) FTDI 10.06.2010 03/13/2008 2.04.06 NECESSARY
Windows Search 4.0 Microsoft Corporation 04.04.2011 04.00.6001.503 UNKNOWN
WinRAR 03.11.2010 NECESSARY
WorldCAT®-3D-Designer 08.09.2011 UNNECESSARY

Regards, HS77

15.12.2012, 14:27   #13
markusg
/// Malware-holic

Hi,
uninstall:
Adobe Dreamweaver
Adobe Reader
Download the latest version
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Uncheck the box for McAfee Security Scan.

Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Check "use only certified plug-ins".
Internet:
Everything here should be disabled; it is very unsafe to open, download, etc. PDFs automatically.
It is always better to save them directly, because only then do you have control over what is happening on the PC.
Under JavaScript, uncheck the "use JavaScript" box.
Under Updater, select "install automatically".
Apply / OK


uninstall:
Arts & Letters
Farnell
Festo
FlukeView: both
Freeware.de
Google Earth
HEROLD
Java
Download the Java JRE:
Java downloads for all operating systems
click:
Download the Java software for Windows Offline
download and install it
uninstall:
Lernout
SAT 100
WorldCAT®
Open CCleaner, analyze, run, restart the PC.
Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post its contents for me in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

15.12.2012, 14:42   #14
markusg
/// Malware-holic

edit: double post

19.12.2012, 11:17   #15
hs77

Hello
Here is the AdwCleaner log:

# AdwCleaner v2.101 - Datei am 19/12/2012 um 10:49:04 erstellt
# Aktualisiert am 16/12/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : E W - EW
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\E W\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Dokumente und Einstellungen\E W\Desktop\sweetpcfix.url
Ordner Gefunden : C:\Programme\Conduit

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Web-Suche
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\SweetIM
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2736476
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Schlüssel Gefunden : HKLM\Software\SweetIM
Schlüssel Gefunden : HKU\S-1-5-21-2669302297-1654253177-847386435-1004\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.26010003&st=12&barid={03020337-18FB-4E8D-9887-8C346B8D98A0}

*************************

AdwCleaner[R1].txt - [1739 octets] - [19/12/2012 10:49:04]

########## EOF - C:\AdwCleaner[R1].txt - [1799 octets] ##########

Regards, HS77
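
Added example (not part of the thread and not AdwCleaner's own code): a small Python parser for the German-language AdwCleaner [R1] search log posted above, which groups the findings by section and counts them per adware family so the helper can see at a glance what the scan flagged. The family keyword list is an assumption taken from the names visible in this log; anything it does not match lands in "other" for manual review.

```python
import re

# Excerpt of the log posted above (blank lines and some keys left out).
SAMPLE_LOG = r"""
# AdwCleaner v2.101 - Datei am 19/12/2012 um 10:49:04 erstellt
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Dokumente und Einstellungen\E W\Desktop\sweetpcfix.url
Ordner Gefunden : C:\Programme\Conduit
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\Software\SweetIM
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2736476
***** [Internet Browser] *****
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.26010003&st=12&barid={03020337-18FB-4E8D-9887-8C346B8D98A0}
"""

SECTION = re.compile(r"^\*{4,}\s*\[(.+?)\]\s*\*{4,}$")
FINDING = re.compile(r"^(Datei|Ordner|Schlüssel) Gefunden : (.+)$")
SETTING = re.compile(r"^\[(.+?) - (.+?)\] = (.+)$")
# Assumed keyword list, taken from the names visible in this log.
FAMILIES = ("conduit", "sweetim", "sweetpcfix", "softonic")

def parse_log(text):
    """Return {section: [(kind, target), ...]}; empty sections are kept."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := SECTION.match(line):
            current = m.group(1)
            sections.setdefault(current, [])
        elif current and (m := FINDING.match(line)):
            sections[current].append((m.group(1), m.group(2)))
        elif current and (m := SETTING.match(line)):
            # Browser setting: keep the value name and the data it points to.
            sections[current].append((m.group(2), m.group(3)))
    return sections

def by_family(sections):
    """Count findings per family; unmatched targets are counted as 'other'."""
    counts = {}
    for findings in sections.values():
        for _, target in findings:
            family = next((f for f in FAMILIES if f in target.lower()), "other")
            counts[family] = counts.get(family, 0) + 1
    return counts

if __name__ == "__main__":
    print(by_family(parse_log(SAMPLE_LOG)))
```
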
