Kasperskay meldet "Gefunden: HEUR: Exploit.Java.CVE-2012-0507.gen"

hrbg · 27.03.2013, 13:03

Hallo, seit 2 Tagen meldet Kasperky auf meinem Laptop einen Virenfund.
Das Virus lässt sich nicht isolieren. Scheint etwas Schwierigeres zu sein....
Kann mir jemand helfen?

Wichtiger Hinweis:
Malwarebytes hat von früheren Suchläufen in Quarantäne (Sreenshot "Malwarebytes.pdf" als Dateianhang):
PUP.OfferBundler.ST
PUP.AdBundle
PUP.Bundleinstaller.IB
Backdoor.Cycbot.Gen
Trojan.Downloader
Kann ich die Kameraden einfach löschen?????

Die erbetenen Protokolle EXTRAS.txt und GMER.txt musste sich leider als Archiv anhängen, weil das Protokoll OLT.txt zu groß war.
Umgekehrt war OLT.txt zur groß, um es als Datei anzuhängen.

Hier das OLT-Protokoll:
OTL logfile created on: 26.03.2013 16:28:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HBG\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 57,70% Memory free
4,22 Gb Paging File | 2,81 Gb Available in Paging File | 66,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 89,43 Gb Total Space | 8,16 Gb Free Space | 9,13% Space Free | Partition Type: NTFS
Drive D: | 52,78 Gb Total Space | 39,44 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
Drive E: | 411,08 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: HBG-MOBIL | User Name: HBG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.03.26 16:21:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HBG\Downloads\OTL.exe
PRC - [2013.03.23 09:23:41 | 001,104,280 | ---- | M] (Spotify Ltd) -- C:\Users\HBG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.02.04 17:21:34 | 001,513,536 | ---- | M] (1und1 Mail und Media GmbH) -- C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.01 11:41:13 | 003,491,792 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012.10.31 15:39:09 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2012.06.28 20:49:22 | 001,173,712 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2012.06.28 20:48:10 | 005,924,712 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2012.06.28 20:47:22 | 000,821,584 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2012.06.28 20:47:12 | 000,403,688 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2012.06.28 20:46:30 | 005,993,216 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2012.04.09 17:43:42 | 001,557,160 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011.10.03 10:10:12 | 000,189,760 | ---- | M] (Solid Documents, LLC) -- C:\Windows\Installer\MSIB24E.tmp
PRC - [2011.09.13 09:16:10 | 000,510,920 | ---- | M] () -- C:\Users\HBG\ALDITALKVerbindungsassistent_Launcher.exe
PRC - [2011.09.13 09:16:04 | 000,342,984 | ---- | M] () -- C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe
PRC - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009.09.06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () -- C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
PRC - [2008.01.19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006.12.07 18:51:04 | 001,143,152 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe

========== Modules (No Company Name) ==========

MOD - [2012.06.28 20:46:10 | 013,005,184 | ---- | M] () -- C:\Program Files\Acronis\TrueImageHome\Common\ti_managers.dll
MOD - [2012.06.28 17:34:28 | 000,018,816 | ---- | M] () -- C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
MOD - [2011.09.13 09:16:10 | 000,510,920 | ---- | M] () -- C:\Users\HBG\ALDITALKVerbindungsassistent_Launcher.exe
MOD - [2011.04.24 22:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
MOD - [2011.04.24 22:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
MOD - [2011.04.24 22:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
MOD - [2011.04.24 22:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
MOD - [2011.04.24 22:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
MOD - [2011.04.24 22:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
MOD - [2011.04.20 18:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2006.12.09 21:47:40 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswui.dll
MOD - [2006.12.09 17:34:36 | 000,139,264 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipsw_cfgmgr.dll
MOD - [2006.12.07 18:42:48 | 000,188,416 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswsysmon.dll
MOD - [2006.12.07 18:41:10 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswresmgr.dll
MOD - [2006.12.07 18:41:02 | 000,204,800 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswcore.dll
MOD - [2006.12.07 17:29:06 | 000,007,168 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\iphelper.dll
MOD - [2006.12.07 00:55:32 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswhlp.dll
MOD - [2006.12.07 00:55:22 | 000,086,016 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswds.dll
MOD - [2006.12.07 00:42:26 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\cxcmrt.dll
MOD - [2006.11.21 22:15:32 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswgblset.dll
MOD - [2006.11.21 22:15:20 | 000,086,016 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswobj.dll
MOD - [2006.11.17 18:17:46 | 000,049,152 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\LogonStartup.dll
MOD - [2006.09.22 21:50:40 | 000,049,152 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ResItf.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (ccSetMgr)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (ccEvtMgr)
SRV - [2013.03.13 16:37:49 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.08 09:32:13 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.01 11:41:13 | 003,491,792 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012.11.13 14:34:46 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.10.31 15:39:09 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2012.06.28 20:48:10 | 005,924,712 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2012.06.28 20:47:22 | 000,821,584 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.10.03 10:10:12 | 000,189,760 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\Windows\Installer\MSIB24E.tmp -- (SCPDFReadSpool)
SRV - [2011.09.13 09:16:04 | 000,342,984 | ---- | M] () [Auto | Running] -- C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe -- (ALDITALKVerbindungsassistent_Service)
SRV - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.09.06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.01.22 18:35:52 | 000,103,808 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.03.26 19:43:02 | 000,864,816 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007.02.06 02:13:14 | 000,094,208 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\ipswuio.sys -- (ipswuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013.02.06 13:19:14 | 001,690,784 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt2870.sys -- (rt2870)
DRV - [2012.12.15 09:02:52 | 000,116,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2012.12.15 09:02:52 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012.12.01 11:41:19 | 000,234,752 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2012.12.01 11:40:49 | 000,775,232 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2012.12.01 11:40:38 | 000,614,592 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2012.12.01 11:38:55 | 000,126,880 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vididr.sys -- (vididr)
DRV - [2012.12.01 11:38:50 | 000,086,496 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vsflt67.sys -- (vidsflt67)
DRV - [2012.06.07 15:00:55 | 000,177,600 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2012.06.07 15:00:53 | 000,080,416 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fltsrv.sys -- (fltsrv)
DRV - [2011.06.08 14:20:17 | 000,570,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011.03.10 17:36:18 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2011.03.04 12:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011.03.04 12:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2011.02.14 02:42:36 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2011.02.14 02:42:34 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2011.02.14 02:42:32 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009.11.02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.09.05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.06.22 19:26:06 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2007.09.23 19:55:01 | 000,109,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007.08.03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.03.26 19:43:00 | 000,039,472 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007.03.26 19:42:58 | 000,016,304 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\Windows\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2007.03.26 19:42:56 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007.03.26 19:42:44 | 000,108,592 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007.01.23 04:00:59 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.12.14 17:41:05 | 000,185,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2006.12.14 17:41:05 | 000,026,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2006.12.14 17:40:53 | 000,275,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2006.12.14 17:40:53 | 000,024,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006.12.14 17:40:51 | 000,245,880 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2006.12.14 17:38:35 | 000,831,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVEX15.SYS -- (NAVEX15)
DRV - [2006.12.14 17:38:33 | 000,079,240 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVENG.SYS -- (NAVENG)
DRV - [2006.12.14 17:34:33 | 000,202,872 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20061025.029\IDSvix86.sys -- (IDSvix86)
DRV - [2006.12.14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.14 12:42:45 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.02 10:50:17 | 000,041,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2006.11.02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006.10.14 04:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2005.05.26 17:19:18 | 000,839,724 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\HBG\Documents
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/tb/ie_startpage
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {424E1B9E-FD14-4112-A912-CA8330CF5A86}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=4312_7&babsrc=SP_ss&mntrId=fa94a7ac0000000000000015af393853
IE - HKCU\..\SearchScopes\{1F03280F-5D22-4C49-8AC1-48F7928C4988}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=MGX&o=15359&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=JQ&apn_dtid=YYYYYYYYDE&apn_uid=1F133E18-9A44-485B-A608-A3972477F9B8&apn_sauid=BAC84ABF-A12A-4184-A87E-48C15560DDB8
IE - HKCU\..\SearchScopes\{424E1B9E-FD14-4112-A912-CA8330CF5A86}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{8990CAE6-534B-402C-92B8-80EB5E51F484}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{8B3AB5A0-D576-44AF-8753-1B6515CE9F60}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
IE - HKCU\..\SearchScopes\{C61671AD-48CD-4BDD-B37B-77D7DA791967}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49354

========== FireFox ==========

FF - prefs.js..CT3241949.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT3241949&SearchSource=13"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3241949&SearchSource=2&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.10.31 15:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.10.31 15:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.10.31 15:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 09:32:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.08 09:31:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 09:32:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.08 09:31:58 | 000,000,000 | ---D | M]

[2010.03.26 19:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HBG\AppData\Roaming\mozilla\Extensions
[2012.11.22 12:39:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HBG\AppData\Roaming\mozilla\Firefox\Profiles\th4710u9.default-1343061943453\extensions
[2012.11.24 20:05:53 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\HBG\AppData\Roaming\mozilla\Firefox\Profiles\th4710u9.default-1343061943453\extensions\toolbar@ask.com
[2011.12.28 11:39:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HBG\AppData\Roaming\mozilla\Firefox\Profiles\yp55qh8v.default\extensions
[2011.05.17 13:12:44 | 000,002,333 | ---- | M] () -- C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\searchplugins\askcom.xml
[2012.10.28 18:51:27 | 000,001,034 | ---- | M] () -- C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\searchplugins\fileconverter-13-customized-web-search.xml
[2013.03.08 09:31:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013.03.08 09:31:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\ffxtlbr@babylon.com
[2013.03.08 09:31:50 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\mozilla firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2013.03.08 09:31:51 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak2
[2013.03.08 09:32:14 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.23 11:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2013.01.19 13:11:59 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.19 13:11:59 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.01.19 13:11:59 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.19 13:11:59 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.19 13:11:59 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.19 13:11:59 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://search.babylon.com/?affID=109958&tt=4312_7&babsrc=HP_ss&mntrId=fa94a7ac0000000000000015af393853
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.6 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: YouTube = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Google Mail = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\HBG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\HBG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Run Context - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O8 - Extra context menu item: Run Word Explorer - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O9 - Extra Button: Run Word Explorer - {26231800-6CE9-43d8-9357-5B4DC8CF4561} - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O9 - Extra 'Tools' menuitem : Run Word Explorer - {26231800-6CE9-43d8-9357-5B4DC8CF4561} - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33C356C5-CCE1-4246-BE34-213C78FA0A21}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F952BDE-BBE5-44EB-9339-036F116C8410}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{07f0cb47-d153-11df-b568-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{07f0cb47-d153-11df-b568-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0f5af784-83bf-11df-8c66-ebd6765066d3}\Shell - "" = AutoRun
O33 - MountPoints2\{0f5af784-83bf-11df-8c66-ebd6765066d3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0f5af789-83bf-11df-8c66-ebd6765066d3}\Shell - "" = AutoRun
O33 - MountPoints2\{0f5af789-83bf-11df-8c66-ebd6765066d3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{17e7ea36-abab-11df-95a9-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7ea36-abab-11df-95a9-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{17e7ea38-abab-11df-95a9-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7ea38-abab-11df-95a9-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2433ca01-1b2f-11e1-b7ea-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{2433ca01-1b2f-11e1-b7ea-001d60a340fb}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\index.html
O33 - MountPoints2\{2545fd65-39e7-11df-9983-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{2545fd65-39e7-11df-9983-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2545fd86-39e7-11df-9983-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{2545fd86-39e7-11df-9983-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3af65f3c-6da7-11e1-8a01-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{3af65f3c-6da7-11e1-8a01-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3af65f6a-6da7-11e1-8a01-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{3af65f6a-6da7-11e1-8a01-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{415399cd-4641-11e2-a144-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{415399cd-4641-11e2-a144-001d60a340fb}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{4434fc81-3df6-11df-8ca1-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4434fc81-3df6-11df-8ca1-001d60a340fb}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4434fc83-3df6-11df-8ca1-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4434fc83-3df6-11df-8ca1-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4434fd27-3df6-11df-8ca1-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4434fd27-3df6-11df-8ca1-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4e98ae26-8d11-11e0-9d9d-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4e98ae26-8d11-11e0-9d9d-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4e98ae29-8d11-11e0-9d9d-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4e98ae29-8d11-11e0-9d9d-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{59f07131-65e4-11e1-8f98-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{59f07131-65e4-11e1-8f98-001e101f8924}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d1fcbe0-7fbd-11e1-9b14-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{6d1fcbe0-7fbd-11e1-9b14-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{780cc5fe-3606-11e1-a299-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{780cc5fe-3606-11e1-a299-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{780cc613-3606-11e1-a299-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{780cc613-3606-11e1-a299-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{7a3f1380-45d0-11e2-a4f8-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{7a3f1380-45d0-11e2-a4f8-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7ca3d0e8-458c-11df-8363-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{7ca3d0e8-458c-11df-8363-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8ddcb8f0-6a2b-11e1-9426-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{8ddcb8f0-6a2b-11e1-9426-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbd9f2-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbd9f2-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbda21-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda21-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbda25-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda25-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbda32-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda32-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{92dbda33-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda33-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9d7bb166-a895-11e1-b9f3-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{9d7bb166-a895-11e1-b9f3-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b478a478-51bc-11e1-85e2-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{b478a478-51bc-11e1-85e2-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b7ca19cb-69f6-11e1-ac62-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{b7ca19cb-69f6-11e1-ac62-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d0f4e335-3c94-11df-9ca7-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{d0f4e335-3c94-11df-9ca7-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d0f4e3ad-3c94-11df-9ca7-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{d0f4e3ad-3c94-11df-9ca7-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e6a0422c-514a-11df-ad24-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{e6a0422c-514a-11df-ad24-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f17ccf21-4689-11e2-b672-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{f17ccf21-4689-11e2-b672-001d60a340fb}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{f17ccf60-4689-11e2-b672-001e101f2b52}\Shell - "" = AutoRun
O33 - MountPoints2\{f17ccf60-4689-11e2-b672-001e101f2b52}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{fa6d3f02-f33c-11e1-8ff6-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{fa6d3f02-f33c-11e1-8ff6-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fd427367-6374-11e1-aeda-001e101f21c1}\Shell - "" = AutoRun
O33 - MountPoints2\{fd427367-6374-11e1-aeda-001e101f21c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.03.22 22:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.16 14:20:45 | 000,000,000 | ---D | C] -- C:\Users\HBG\Documents\Bianka
[2013.03.15 10:21:29 | 000,000,000 | ---D | C] -- C:\Users\HBG\Documents\PAYBACK_gUTSCHEIN-bis1204-Dateien
[2013.03.08 18:37:02 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Local\Spotify
[2013.03.08 18:31:58 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Roaming\Spotify
[2013.03.08 17:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb
[2013.03.08 17:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\1und1Softwareaktualisierung
[2013.03.08 17:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck
[2013.03.08 17:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\1&1 Mail & Media GmbH
[2013.03.08 17:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\WEB.DE MailCheck
[2013.03.08 16:56:55 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Local\Apps
[2013.03.08 16:56:54 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Local\Deployment
[2013.03.08 09:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.03.05 10:48:49 | 000,000,000 | ---D | C] -- C:\Users\HBG\Documents\HausFrechenAnDerVogtei48
[2012.12.15 00:13:17 | 000,535,496 | ---- | C] (WebToGo Mobiles Internet GmbH) -- C:\Users\HBG\ALDITALKVerbindungsassistent_SMSMMS.exe
[2012.12.15 00:13:16 | 000,495,616 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGAlerts.dll
[2012.12.15 00:13:16 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcp60.dll
[2012.12.15 00:13:16 | 000,286,773 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcrt.dll
[2012.12.15 00:13:16 | 000,237,568 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGSoapUtil.dll
[2012.12.15 00:13:16 | 000,233,472 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGHandOver.dll
[2012.12.15 00:13:16 | 000,208,896 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGHuaweiNDISUtil.dll
[2012.12.15 00:13:16 | 000,102,400 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Users\HBG\Del_CD_ROM.exe
[2012.12.15 00:13:15 | 000,925,696 | ---- | C] (WebToGo) -- C:\Users\HBG\WtgWiFiCore.dll
[2012.12.15 00:13:15 | 000,780,024 | ---- | C] (QUALCOMM, Inc.) -- C:\Users\HBG\QCWWAN2k.dll
[2012.12.15 00:13:15 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcr71.dll
[2012.12.15 00:13:15 | 000,090,112 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WtgWiFiVista.dll
[2012.12.15 00:13:14 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfc80u.dll
[2012.12.15 00:13:14 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcr80.dll
[2012.12.15 00:13:14 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcp80.dll
[2012.12.15 00:13:14 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcm80.dll
[2012.12.15 00:13:14 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfcm80.dll
[2012.12.15 00:13:14 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfcm80u.dll
[2012.12.15 00:13:13 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfc80.dll
[2012.12.15 00:13:13 | 000,057,344 | ---- | C] (WinAbility® Software Corporation) -- C:\Users\HBG\VistaLib32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.03.26 16:33:01 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.26 15:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.26 15:06:00 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.26 15:06:00 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.26 15:05:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.26 12:01:04 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.26 11:11:53 | 000,000,000 | ---- | M] () -- C:\Users\HBG\defogger_reenable
[2013.03.26 10:20:34 | 2138,365,952 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.25 22:58:24 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.03.25 18:22:50 | 000,000,224 | ---- | M] () -- C:\Windows\tasks\ARO 2012.job
[2013.03.18 19:35:14 | 000,045,312 | ---- | M] () -- C:\Users\HBG\Documents\BBK_2410_1_zusammenstellung_aufwendungen_20130319.pdf
[2013.03.18 19:35:12 | 000,000,059 | ---- | M] () -- C:\Windows\wpd99.drv
[2013.03.17 18:41:39 | 000,642,970 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.03.17 18:41:39 | 000,607,918 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.17 18:41:39 | 000,132,284 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.03.17 18:41:39 | 000,109,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.03.16 17:20:00 | 000,306,313 | ---- | M] () -- C:\Users\HBG\Documents\Vorschlag.PDF
[2013.03.15 20:43:30 | 000,001,750 | ---- | M] () -- C:\Users\HBG\Desktop\Spotify.lnk
[2013.03.15 14:03:33 | 000,089,434 | ---- | M] () -- C:\Users\HBG\Documents\EVA_Terminanfrage_Filmdigitalisieren_Groupon.pdf
[2013.03.15 10:21:29 | 000,008,154 | ---- | M] () -- C:\Users\HBG\Documents\PAYBACK_gUTSCHEIN-bis1204.htm
[2013.03.12 19:39:05 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.08 17:03:59 | 000,001,906 | ---- | M] () -- C:\Users\HBG\Desktop\Amazon.lnk
[2013.03.08 17:03:59 | 000,001,904 | ---- | M] () -- C:\Users\HBG\Desktop\WEB.DE.lnk
[2013.03.08 17:03:59 | 000,001,898 | ---- | M] () -- C:\Users\HBG\Desktop\eBay.lnk
[2013.02.26 19:07:58 | 000,063,322 | ---- | M] () -- C:\Users\HBG\Documents\Roller Reklamation.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.03.26 11:11:53 | 000,000,000 | ---- | C] () -- C:\Users\HBG\defogger_reenable
[2013.03.18 19:35:11 | 000,045,312 | ---- | C] () -- C:\Users\HBG\Documents\BBK_2410_1_zusammenstellung_aufwendungen_20130319.pdf
[2013.03.16 17:20:00 | 000,306,313 | ---- | C] () -- C:\Users\HBG\Documents\Vorschlag.PDF
[2013.03.15 14:03:30 | 000,089,434 | ---- | C] () -- C:\Users\HBG\Documents\EVA_Terminanfrage_Filmdigitalisieren_Groupon.pdf
[2013.03.15 10:21:27 | 000,008,154 | ---- | C] () -- C:\Users\HBG\Documents\PAYBACK_gUTSCHEIN-bis1204.htm
[2013.03.08 18:37:00 | 000,001,750 | ---- | C] () -- C:\Users\HBG\Desktop\Spotify.lnk
[2013.03.08 18:37:00 | 000,001,694 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013.03.08 17:03:59 | 000,001,906 | ---- | C] () -- C:\Users\HBG\Desktop\Amazon.lnk
[2013.03.08 17:03:59 | 000,001,904 | ---- | C] () -- C:\Users\HBG\Desktop\WEB.DE.lnk
[2013.03.08 17:03:59 | 000,001,898 | ---- | C] () -- C:\Users\HBG\Desktop\eBay.lnk
[2013.02.26 19:07:53 | 000,063,322 | ---- | C] () -- C:\Users\HBG\Documents\Roller Reklamation.pdf
[2013.02.19 13:37:24 | 000,002,151 | ---- | C] () -- C:\Users\HBG\.recently-used.xbel
[2013.02.11 23:51:54 | 000,042,214 | ---- | C] () -- C:\Users\HBG\20130209_165604.jpg
[2013.01.15 17:49:48 | 000,014,172 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012.12.15 00:13:20 | 000,158,664 | ---- | C] () -- C:\Users\HBG\Huaweiregcleaner.exe
[2012.12.15 00:13:20 | 000,079,436 | ---- | C] () -- C:\Users\HBG\billing_sms.wav
[2012.12.15 00:13:20 | 000,007,994 | ---- | C] () -- C:\Users\HBG\Responses.xml
[2012.12.15 00:13:20 | 000,002,815 | ---- | C] () -- C:\Users\HBG\network_wifi_disconnect.html
[2012.12.15 00:13:20 | 000,002,750 | ---- | C] () -- C:\Users\HBG\network.html
[2012.12.15 00:13:20 | 000,002,026 | ---- | C] () -- C:\Users\HBG\network_available.html
[2012.12.15 00:13:20 | 000,002,024 | ---- | C] () -- C:\Users\HBG\3Gnetwork_available.html
[2012.12.15 00:13:20 | 000,001,887 | ---- | C] () -- C:\Users\HBG\threshold_cut.html
[2012.12.15 00:13:20 | 000,001,834 | ---- | C] () -- C:\Users\HBG\general_sms.html
[2012.12.15 00:13:20 | 000,001,670 | ---- | C] () -- C:\Users\HBG\error.xml
[2012.12.15 00:13:20 | 000,001,490 | ---- | C] () -- C:\Users\HBG\WAPConfig.xml
[2012.12.15 00:13:20 | 000,001,205 | ---- | C] () -- C:\Users\HBG\info.html
[2012.12.15 00:13:20 | 000,001,201 | ---- | C] () -- C:\Users\HBG\error.html
[2012.12.15 00:13:20 | 000,001,153 | ---- | C] () -- C:\Users\HBG\ads.html
[2012.12.15 00:13:20 | 000,001,124 | ---- | C] () -- C:\Users\HBG\threshold.html
[2012.12.15 00:13:20 | 000,001,122 | ---- | C] () -- C:\Users\HBG\billing_sms.html
[2012.12.15 00:13:20 | 000,001,086 | ---- | C] () -- C:\Users\HBG\plain.html
[2012.12.15 00:13:20 | 000,001,074 | ---- | C] () -- C:\Users\HBG\brand_sms.html
[2012.12.15 00:13:20 | 000,000,983 | ---- | C] () -- C:\Users\HBG\img_ads.html
[2012.12.15 00:13:20 | 000,000,809 | ---- | C] () -- C:\Users\HBG\configMedion.ini
[2012.12.15 00:13:20 | 000,000,038 | ---- | C] () -- C:\Users\HBG\runOnConnect.ini
[2012.12.15 00:13:17 | 000,510,920 | ---- | C] () -- C:\Users\HBG\ALDITALKVerbindungsassistent_Launcher.exe
[2012.12.15 00:13:17 | 000,342,984 | ---- | C] () -- C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe
[2012.12.15 00:13:17 | 000,281,544 | ---- | C] () -- C:\Users\HBG\OSU.exe
[2012.12.15 00:13:17 | 000,074,884 | ---- | C] () -- C:\Users\HBG\Images_Medion_Asst.xml
[2012.12.15 00:13:17 | 000,038,190 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Asst_0007.xml
[2012.12.15 00:13:17 | 000,027,353 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Asst_0007.xml
[2012.12.15 00:13:17 | 000,018,939 | ---- | C] () -- C:\Users\HBG\Help_Medion_0007.chm
[2012.12.15 00:13:17 | 000,009,288 | ---- | C] () -- C:\Users\HBG\Controls_Medion_SMSMMS_0007.xml
[2012.12.15 00:13:17 | 000,008,734 | ---- | C] () -- C:\Users\HBG\Images_Medion_Upgrader.xml
[2012.12.15 00:13:17 | 000,008,376 | ---- | C] () -- C:\Users\HBG\Images_Medion_SMSMMS.xml
[2012.12.15 00:13:17 | 000,007,342 | ---- | C] () -- C:\Users\HBG\Images_Medion_Uninstaller.xml
[2012.12.15 00:13:17 | 000,006,471 | ---- | C] () -- C:\Users\HBG\Strings_Medion_SMSMMS_0007.xml
[2012.12.15 00:13:17 | 000,006,149 | ---- | C] () -- C:\Users\HBG\Eula_Medion_0007.htm
[2012.12.15 00:13:17 | 000,006,069 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Upgrader_0007.xml
[2012.12.15 00:13:17 | 000,005,190 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Address_0007.xml
[2012.12.15 00:13:17 | 000,002,679 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Address_0007.xml
[2012.12.15 00:13:17 | 000,002,568 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Uninstaller_0007.xml
[2012.12.15 00:13:17 | 000,002,486 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Upgrader_0007.xml
[2012.12.15 00:13:17 | 000,002,037 | ---- | C] () -- C:\Users\HBG\Offers_Medion_0007.xml
[2012.12.15 00:13:17 | 000,001,718 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Uninstaller_0007.xml
[2012.12.15 00:13:17 | 000,000,282 | ---- | C] () -- C:\Users\HBG\Images_Medion_Address.xml
[2012.12.15 00:13:16 | 001,633,224 | ---- | C] () -- C:\Users\HBG\ALDITALKVerbindungsassistent.exe
[2012.12.15 00:13:16 | 001,097,728 | ---- | C] () -- C:\Users\HBG\NDISAPI.dll
[2012.12.15 00:13:16 | 000,606,208 | ---- | C] () -- C:\Users\HBG\WTGXMLUtil.dll
[2012.12.15 00:13:16 | 000,043,976 | ---- | C] () -- C:\Users\HBG\InstallWTGService.exe
[2012.12.15 00:13:16 | 000,001,817 | ---- | C] () -- C:\Users\HBG\config.ini
[2012.12.15 00:13:16 | 000,001,597 | ---- | C] () -- C:\Users\HBG\KD.xml
[2012.12.15 00:13:16 | 000,000,991 | ---- | C] () -- C:\Users\HBG\bn.xml
[2012.12.15 00:13:15 | 000,294,912 | ---- | C] () -- C:\Users\HBG\WTGSMSPCClient.dll
[2012.12.15 00:13:15 | 000,204,800 | ---- | C] () -- C:\Users\HBG\LiveBoxCM.dll
[2012.12.15 00:13:15 | 000,126,976 | ---- | C] () -- C:\Users\HBG\WtgWiFi.dll
[2012.12.15 00:13:14 | 000,883,656 | ---- | C] () -- C:\Users\HBG\Setup.exe
[2012.12.15 00:13:14 | 000,823,296 | ---- | C] () -- C:\Users\HBG\libeay32.dll
[2012.12.15 00:13:14 | 000,094,274 | ---- | C] () -- C:\Users\HBG\WtgZip.dll
[2012.12.15 00:13:13 | 004,392,468 | ---- | C] () -- C:\Users\HBG\webtogodb.wdb
[2012.12.15 00:13:13 | 000,244,680 | ---- | C] () -- C:\Users\HBG\WTGVistaUtil.exe
[2012.12.15 00:13:13 | 000,106,496 | ---- | C] () -- C:\Users\HBG\WtgUtil.dll
[2012.12.15 00:13:13 | 000,090,112 | ---- | C] () -- C:\Users\HBG\WtgPorts.dll
[2012.12.15 00:13:13 | 000,069,632 | ---- | C] () -- C:\Users\HBG\WTGMMSPCClient.dll
[2012.12.15 00:13:13 | 000,012,288 | ---- | C] () -- C:\Users\HBG\WTGDebugs.dll
[2012.12.15 00:13:12 | 000,565,248 | ---- | C] () -- C:\Users\HBG\WtgCore.dll
[2012.12.15 00:13:12 | 000,306,120 | ---- | C] () -- C:\Users\HBG\Uninstaller.exe
[2012.12.15 00:13:12 | 000,196,608 | ---- | C] () -- C:\Users\HBG\WtgDetection.dll
[2012.12.15 00:13:12 | 000,139,264 | ---- | C] () -- C:\Users\HBG\WtgBluetooth.dll
[2012.12.15 00:13:12 | 000,102,400 | ---- | C] () -- C:\Users\HBG\WtgDatabase.dll
[2012.12.15 00:13:12 | 000,086,016 | ---- | C] () -- C:\Users\HBG\WtgDialup.dll
[2012.12.15 00:13:12 | 000,073,728 | ---- | C] () -- C:\Users\HBG\WtgDriverInstall.dll
[2012.12.15 00:13:12 | 000,012,800 | ---- | C] () -- C:\Users\HBG\WtgDriverInstallX.dll
[2012.10.25 17:28:24 | 000,009,322 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (Windows).EML
[2012.03.07 13:43:06 | 000,021,857 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2011.12.09 20:36:04 | 000,000,045 | RH-- | C] () -- C:\Windows\PAWSETUP.INI
[2011.12.09 20:35:12 | 000,000,306 | ---- | C] () -- C:\Windows\HD.INI
[2011.12.08 12:44:05 | 000,048,690 | ---- | C] () -- C:\Users\HBG\P081211_12.42.jpg
[2011.12.08 12:43:51 | 001,146,711 | ---- | C] () -- C:\Users\HBG\P081211_12.41.jpg
[2011.10.04 22:36:34 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2011.10.03 10:10:21 | 000,027,456 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll
[2011.10.03 10:10:21 | 000,018,752 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll
[2011.08.06 10:31:29 | 000,068,640 | ---- | C] () -- C:\Windows\unTMV.exe
[2011.07.13 13:27:07 | 000,004,096 | -H-- | C] () -- C:\Users\HBG\AppData\Local\keyfile3.drm
[2011.06.08 14:28:50 | 000,017,408 | ---- | C] () -- C:\Users\HBG\AppData\Local\WebpageIcons.db
[2011.06.08 14:23:54 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011.06.08 14:23:54 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011.06.01 17:40:28 | 000,012,968 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2011.06.01 08:09:12 | 000,000,091 | ---- | C] () -- C:\Users\HBG\AppData\Local\fusioncache.dat
[2011.05.31 20:49:18 | 000,000,310 | ---- | C] () -- C:\Windows\ContWin.ini
[2011.05.31 12:58:16 | 000,038,746 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\B8E4.9CB
[2011.05.13 12:06:01 | 000,000,321 | ---- | C] () -- C:\Windows\devk.ini
[2011.05.13 12:06:01 | 000,000,210 | ---- | C] () -- C:\Windows\easap1.ini
[2011.01.28 16:24:04 | 000,012,629 | -H-- | C] () -- C:\Users\HBG\jpeggeri.dat
[2011.01.26 17:08:58 | 000,015,499 | -H-- | C] () -- C:\Users\HBG\ZbThumbnail.info
[2011.01.26 16:58:23 | 001,391,293 | ---- | C] () -- C:\Users\HBG\IMG_0681.JPG
[2011.01.26 16:58:23 | 001,181,975 | ---- | C] () -- C:\Users\HBG\IMG_0682.JPG
[2011.01.26 16:58:23 | 001,152,731 | ---- | C] () -- C:\Users\HBG\IMG_0683.JPG
[2010.06.10 18:00:00 | 000,000,680 | ---- | C] () -- C:\Users\HBG\AppData\Local\d3d9caps.dat
[2010.04.10 20:32:13 | 000,011,264 | ---- | C] () -- C:\Users\HBG\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.28 10:08:08 | 000,000,008 | RH-- | C] () -- C:\Users\HBG\hwid

========== ZeroAccess Check ==========

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.11.27 10:01:58 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\514AE669-0FC5-419F-87ED-33748D0FD205
[2011.11.26 17:30:01 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\Acronis
[2011.08.20 08:42:08 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\CD-LabelPrint
[2012.12.01 11:41:19 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\D7451E7C-964C-4779-BC13-40A2459226E3
[2013.02.06 12:21:47 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\elsterformular
[2013.02.19 13:37:24 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\gtk-2.0
[2012.12.16 09:27:09 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\HBG
[2012.10.28 18:51:56 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\IrfanView
[2011.06.07 11:00:29 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\Leotpu
[2011.12.08 12:04:42 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\LG Electronics
[2012.11.22 13:13:37 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\MAGIX
[2010.04.03 11:19:48 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\pdf995
[2013.03.02 11:31:57 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\SolidDocuments
[2013.03.25 08:51:00 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\Spotify
[2012.03.13 10:33:47 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\SuperMailer
[2010.11.11 12:32:42 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\TeamViewer
[2013.03.13 20:07:02 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\TVgenial
[2010.03.31 15:09:40 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\Vodafone
[2011.06.08 14:51:00 | 000,000,000 | ---D | M] -- C:\Users\HBG\AppData\Roaming\Zeipk

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 304 bytes -> C:\Users\HBG\Documents\Medion-TV2.jpg:Updt_SummaryInformation
@Alternate Data Stream - 143 bytes -> C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (Windows).EML:OECustomProperty

< End of report >

cosinus · 28.03.2013, 15:14

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

hrbg · 28.03.2013, 17:12

Hallo Cosinus,

zuerst einmal HERZLICHEN DANK, das ihr euch meines Problems annehmt. Ich habe - wie im Board vorgeschlagen - auch Malwarebytes laufen lassen. Malwarebytes hatte aber keine Funde gemeldet:

Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.03.26.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
HBG :: HBG-MOBIL [Administrator]

26.03.2013 10:34:57
mbam-log-2013-03-26 (10-34-57).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 233454
Laufzeit: 14 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Gruß hrbg

cosinus · 29.03.2013, 00:00

Du solltest eigentlich noch keine neuen Scans machen, aber ist nicht schlimm, ich wollte im ersten Schritt nur wissen ob du andere Funde eines Virenscanners zu verzeichnen hattest und wenn ja, wollte ich davon die Logs sehen

Außerdem solltest du alle folgenden Logs in CODE-Tags posten, das würde auch ausdrücklich erwähnt und haarklein erklärt wie das geht

hrbg · 29.03.2013, 15:35

Hallo Cosinus,

das Log von Malwarebytes ist vor Eröffnung des Threads erstellt worden.

Die Anweisung bzgl. Code-Tags hatte ich gelesen, dies hatte ich aber bei der Erstellung des Threads vergessen. Sorry, bin halt etwa älter (fast 70). Hatte nur gelesen "Logfiles posten ...".
Wie soll ich nun verfahren? Soll ich die Logs in Code-Tags einbetten, soll ich diesen Thread schließen und nach Anweisung neu eröffnen oder soll ich alles so lassen wie es ist?

Ein (möglicherweise) wichtiger Hinweis ist mir noch eingefallen: In letzter Zeit gab es öfters Probleme mit dem Firewall. Er kam entweder verspätet hoch (mit Kaspersky) oder manchmal auch garnicht (Kaspersky wurde dann auch in der Taskleiste nicht als aktiv angezeigt). In diesen Fällen habe ich einige Minuten gewartet, den Laptop neu gestartet und alles lief wieder rund.

Danke für die Hilfe
hrbg

cosinus · 30.03.2013, 01:24

Zitat:

das Log von Malwarebytes ist vor Eröffnung des Threads erstellt worden.

Das hab ich nicht vergessen. Aber ich fragte nach weiteren Logs bzw. ob du nun wirklich alle mit Funden gepostet hast

hrbg · 31.03.2013, 09:51

Hallo cosinus,

ich habe von kaspersky noch Logs mit positiven Funden eingestellt:

Datei-Anti-Virus

Code:

ATTFilter

Datum: Heute (2)	
6633Ad01	Gepackt: Swf2Swc	30.03.2013 08:26:10	
68BA2d01	Gepackt: Swf2Swc	30.03.2013 08:26:13	
Datum: Gestern (42)	
ECDD0d01	Gepackt: Swf2Swc	29.03.2013 19:11:17	
03461d01	Gepackt: Swf2Swc	29.03.2013 19:10:05	
71EDCd01	Gepackt: Swf2Swc	29.03.2013 19:10:05	
96AC9d01	Gepackt: Swf2Swc	29.03.2013 19:10:05	
7447Dd01	Gepackt: Swf2Swc	29.03.2013 19:09:46	
BC6D5d01	Gepackt: Swf2Swc	29.03.2013 19:08:51	
F071Ad01	Gepackt: Swf2Swc	29.03.2013 19:08:50	
846EDd01	Gepackt: Swf2Swc	29.03.2013 19:08:49	
4A58Fd01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
6B03Ed01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
E49A5d01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
5EBDEd01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
6D5DCd01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
633B7d01	Gepackt: Swf2Swc	29.03.2013 19:08:36	
E3614d01	Gepackt: Swf2Swc	29.03.2013 19:04:02	
0B81Fd01	Gepackt: Swf2Swc	29.03.2013 19:03:43	
6F4A6d01	Gepackt: Swf2Swc	29.03.2013 19:03:34	
6A29Ed01	Gepackt: Swf2Swc	29.03.2013 19:02:08	
E069Bd01	Gepackt: Swf2Swc	29.03.2013 19:02:08	
FCFE6d01	Gepackt: Swf2Swc	29.03.2013 19:01:56	
5193Bd01	Gepackt: Swf2Swc	29.03.2013 19:01:56	
2F13Fd01	Gepackt: Swf2Swc	29.03.2013 16:04:21	
Outlook.pst	Bearbeitungsfehler	29.03.2013 15:29:32	
BEE99d01	Gepackt: Swf2Swc	29.03.2013 15:21:13	
84CBBd01	Gepackt: Swf2Swc	29.03.2013 15:17:25	
8FD5Ad01	Gepackt: Swf2Swc	29.03.2013 15:06:06	
CA753d01	Gepackt: Swf2Swc	29.03.2013 15:03:35	
E3750d01	Gepackt: Swf2Swc	29.03.2013 15:00:04	
83941d01	Gepackt: Swf2Swc	29.03.2013 15:00:03	
046BFd01	Gepackt: Swf2Swc	29.03.2013 14:59:36	
2DC37d01	Gepackt: Swf2Swc	29.03.2013 14:58:37	
5B0D2d01	Gepackt: Swf2Swc	29.03.2013 14:57:55	
539ECd01	Gepackt: Swf2Swc	29.03.2013 14:57:01	
6674Cd01	Gepackt: Swf2Swc	29.03.2013 14:56:41	
4DBA1d01	Gepackt: Swf2Swc	29.03.2013 14:56:33	
E660Fd01	Gepackt: Swf2Swc	29.03.2013 14:56:32	
chart9[1].swf	Gepackt: Swf2Swc	29.03.2013 14:51:30	
chart9[1].swf	Gepackt: Swf2Swc	29.03.2013 14:51:27	
$ObjId	Bearbeitungsfehler	29.03.2013 10:52:43	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	29.03.2013 10:52:39	
Datei-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Datei-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Datum: Donnerstag (27)	
Datei-Anti-Virus	Aufgabe wurde gestartet	28.03.2013 09:36:53	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	28.03.2013 10:06:21	
$ObjId	Bearbeitungsfehler	28.03.2013 10:06:21	
E2738d01	Gepackt: Swf2Swc	28.03.2013 11:22:23	
adp94xx.sys	Gepackt: PE_Patch	28.03.2013 19:48:30	
adpahci.sys	Gepackt: PE_Patch	28.03.2013 19:48:30	
adpu160m.sys	Gepackt: PE_Patch	28.03.2013 19:48:31	
adpu320.sys	Gepackt: PE_Patch	28.03.2013 19:48:31	
E1G60I32.sys	Gepackt: PE_Patch	28.03.2013 19:48:34	
elxstor.sys	Gepackt: PE_Patch	28.03.2013 19:48:34	
HpCISSs.sys	Gepackt: PE_Patch	28.03.2013 19:48:37	
iirsp.sys	Gepackt: PE_Patch	28.03.2013 19:48:38	
PE_Patch	Gepackt: PE_Patch	28.03.2013 19:48:38	
iteraid.sys	Gepackt: PE_Patch	28.03.2013 19:48:38	
lsi_scsi.sys	Gepackt: PE_Patch	28.03.2013 19:49:43	
megasas.sys	Gepackt: PE_Patch	28.03.2013 19:49:44	
Mraid35x.sys	Gepackt: PE_Patch	28.03.2013 19:49:44	
NETw3v32.sys	Gepackt: PE_Patch	28.03.2013 19:49:45	
nfrd960.sys	Gepackt: PE_Patch	28.03.2013 19:49:45	
NTRIGDIGI.SYS	Gepackt: PE_Patch	28.03.2013 19:49:45	
ql2300.sys	Gepackt: PE_Patch	28.03.2013 19:49:47	
Rtnicxp.sys	Gepackt: PE_Patch	28.03.2013 19:49:48	
symc8xx.sys	Gepackt: PE_Patch	28.03.2013 19:49:49	
sym_hi.sys	Gepackt: PE_Patch	28.03.2013 19:49:50	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	28.03.2013 19:54:29	
AA08Dd01	Gepackt: Swf2Swc	28.03.2013 20:21:38	
$ObjId	Bearbeitungsfehler	28.03.2013 22:36:27	
Datum: Mittwoch (77)	
Datei-Anti-Virus	Aufgabe wurde gestartet	27.03.2013 09:10:12	
D6ABAd01	Gepackt: Swf2Swc	27.03.2013 09:16:00	
01454d01	Gepackt: Swf2Swc	27.03.2013 09:16:23	
65A35d01	Gepackt: Swf2Swc	27.03.2013 09:16:29	
E0803d01	Gepackt: Swf2Swc	27.03.2013 09:16:31	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 09:55:25	
$ObjId	Bearbeitungsfehler	27.03.2013 09:55:27	
Outlook.pst	Bearbeitungsfehler	27.03.2013 10:17:42	
E0803d01	Gepackt: Swf2Swc	27.03.2013 11:38:36	
65A35d01	Gepackt: Swf2Swc	27.03.2013 11:38:36	
046BFd01	Gepackt: Swf2Swc	27.03.2013 11:38:42	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 11:56:38	
$ObjId	Bearbeitungsfehler	27.03.2013 11:56:38	
05692d01	Gepackt: Swf2Swc	27.03.2013 12:01:04	
539ECd01	Gepackt: Swf2Swc	27.03.2013 12:01:05	
E72ABd01	Gepackt: Swf2Swc	27.03.2013 12:01:34	
88CBAd01	Gepackt: Swf2Swc	27.03.2013 12:10:25	
43B02d01	Gepackt: Swf2Swc	27.03.2013 12:10:26	
457ACd01	Gepackt: Swf2Swc	27.03.2013 12:10:26	
193DBd01	Gepackt: Swf2Swc	27.03.2013 12:10:52	
ED33Bd01	Gepackt: Swf2Swc	27.03.2013 12:10:52	
E660Fd01	Gepackt: Swf2Swc	27.03.2013 12:12:24	
E3750d01	Gepackt: Swf2Swc	27.03.2013 12:12:41	
2B509d01	Gepackt: Swf2Swc	27.03.2013 12:12:47	
F5ACCd01	Gepackt: Swf2Swc	27.03.2013 12:12:47	
F8F0Cd01	Gepackt: Swf2Swc	27.03.2013 12:15:05	
OTL.exe	Gepackt: PE_Patch.PECompact	27.03.2013 12:32:49	
PE_Patch.PECompact	Gepackt: PecBundle	27.03.2013 12:32:49	
PecBundle	Gepackt: PECompact	27.03.2013 12:32:50	
gmer_2.1.19155.exe	Gepackt: UPX	27.03.2013 12:54:59	
jxpiinstall(1).exe	Gepackt: UPX	27.03.2013 12:55:00	
2F13Fd01	Gepackt: Swf2Swc	27.03.2013 14:07:44	
OTL.exe	Gepackt: PE_Patch.PECompact	27.03.2013 15:20:32	
PE_Patch.PECompact	Gepackt: PecBundle	27.03.2013 15:20:32	
PecBundle	Gepackt: PECompact	27.03.2013 15:20:32	
gmer_2.1.19155.exe	Gepackt: UPX	27.03.2013 15:23:06	
2F13Fd01	Gepackt: Swf2Swc	27.03.2013 15:34:40	
7DEDEd01	Gepackt: Swf2Swc	27.03.2013 15:36:08	
5193Bd01	Gepackt: Swf2Swc	27.03.2013 15:36:23	
FCFE6d01	Gepackt: Swf2Swc	27.03.2013 15:36:23	
113F0d01	Gepackt: Swf2Swc	27.03.2013 15:36:34	
4C810d01	Gepackt: Swf2Swc	27.03.2013 15:36:34	
B54B6d01	Gepackt: Swf2Swc	27.03.2013 15:37:24	
E660Fd01	Gepackt: Swf2Swc	27.03.2013 15:38:09	
05CBCd01	Gepackt: Swf2Swc	27.03.2013 15:38:30	
E72ABd01	Gepackt: Swf2Swc	27.03.2013 15:39:28	
30D7Cd01	Gepackt: Swf2Swc	27.03.2013 15:39:31	
E3750d01	Gepackt: Swf2Swc	27.03.2013 15:39:57	
F5415d01	Gepackt: Swf2Swc	27.03.2013 15:40:01	
E2738d01	Gepackt: Swf2Swc	27.03.2013 15:41:45	
ED33Bd01	Gepackt: Swf2Swc	27.03.2013 15:47:47	
6BFEEd01	Gepackt: Swf2Swc	27.03.2013 15:48:02	
EFDE0d01	Gepackt: Swf2Swc	27.03.2013 15:48:17	
5B49Fd01	Gepackt: Swf2Swc	27.03.2013 15:48:17	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 16:41:52	
$ObjId	Bearbeitungsfehler	27.03.2013 16:41:57	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 17:07:04	
$ObjId	Bearbeitungsfehler	27.03.2013 17:53:36	
E660Fd01	Gepackt: Swf2Swc	27.03.2013 18:11:00	
ED33Bd01	Gepackt: Swf2Swc	27.03.2013 18:42:25	
E3750d01	Gepackt: Swf2Swc	27.03.2013 18:44:00	
7BAA7d01	Gepackt: Swf2Swc	27.03.2013 18:44:02	
C8C37d01	Gepackt: Swf2Swc	27.03.2013 18:45:19	
59BF6d01	Gepackt: Swf2Swc	27.03.2013 18:45:30	
6F4A6d01	Gepackt: Swf2Swc	27.03.2013 18:46:48	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 18:53:43	
$ObjId	Bearbeitungsfehler	27.03.2013 18:53:43	
B54B6d01	Gepackt: Swf2Swc	27.03.2013 19:04:15	
8EB80d01	Gepackt: Swf2Swc	27.03.2013 19:04:17	
AFF99d01	Gepackt: Swf2Swc	27.03.2013 19:04:34	
$ObjId	Bearbeitungsfehler	27.03.2013 20:08:47	
OTL.exe	Gepackt: PE_Patch.PECompact	27.03.2013 21:10:17	
PE_Patch.PECompact	Gepackt: PecBundle	27.03.2013 21:10:18	
PecBundle	Gepackt: PECompact	27.03.2013 21:10:19	
gmer_2.1.19155.exe	Gepackt: UPX	27.03.2013 21:18:58	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 21:43:23	
E2738d01	Gepackt: Swf2Swc	27.03.2013 21:44:44	
Datum: Dienstag (96)	
Datei-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 09:05:45	
wlanapi.dll	Gepackt: PE_Patch.Stolen	26.03.2013 09:06:10	
05F5Ad01	Gepackt: Swf2Swc	26.03.2013 09:28:24	
1E4C8d01	Gepackt: Swf2Swc	26.03.2013 09:41:16	
9FDCEd01	Gepackt: Swf2Swc	26.03.2013 09:45:16	
FDB71d01	Gepackt: Swf2Swc	26.03.2013 09:45:49	
MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:14:11	
Shows Desktop.lnk	Bearbeitungsfehler	26.03.2013 10:14:11	
MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:14:11	
 Malwarebytes Anti-Malware .lnk	Bearbeitungsfehler	26.03.2013 10:14:51	
MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:14:51	
MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:15:31	
infpub.dat	Bearbeitungsfehler	26.03.2013 10:15:31	
MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:15:31	
Datei-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 10:23:19	
E8C48d01	Gepackt: Swf2Swc	26.03.2013 10:33:38	
IDSvix86.sys	Gepackt: PE_Patch	26.03.2013 10:37:34	
ewdcsc.sys	Gepackt: PE_Patch	26.03.2013 10:43:59	
_uninstall2580	Gepackt: UPX	26.03.2013 10:44:33	
isrt.dll	Gepackt: PE_Patch.PECompact	26.03.2013 10:44:35	
PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 10:44:35	
PecBundle	Gepackt: PECompact	26.03.2013 10:44:35	
VLC-1.1.0-WIN32.EXE	Gepackt: WiseSFXDropper	26.03.2013 10:45:05	
Spotify088Setup.exe	Gepackt: UPX	26.03.2013 10:45:14	
WISE0082.BIN	Gepackt: Swf2Swc	26.03.2013 10:46:01	
WISE0083.BIN	Gepackt: Swf2Swc	26.03.2013 10:46:01	
WISE0084.BIN	Gepackt: Swf2Swc	26.03.2013 10:46:01	
lynx_install.exe	Gepackt: WiseSFXDropper	26.03.2013 10:46:22	
jxpiinstall(1).exe	Gepackt: UPX	26.03.2013 10:46:31	
jxpiinstall(2).exe	Gepackt: UPX	26.03.2013 10:46:32	
#	Gepackt: PE_Patch.PECompact	26.03.2013 10:46:35	
PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 10:46:35	
PecBundle	Gepackt: PECompact	26.03.2013 10:46:35	
ISSetup.dll	Gepackt: PE_Patch.PECompact	26.03.2013 10:47:42	
PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 10:47:42	
PecBundle	Gepackt: PECompact	26.03.2013 10:47:42	
6C032d01	Gepackt: Swf2Swc	26.03.2013 10:53:10	
9F94Fd01	Gepackt: Swf2Swc	26.03.2013 10:53:19	
8FD5Ad01	Gepackt: Swf2Swc	26.03.2013 10:53:19	
D49F2d01	Gepackt: Swf2Swc	26.03.2013 10:53:25	
B8558d01	Gepackt: Swf2Swc	26.03.2013 10:53:25	
1B493d01	Gepackt: Swf2Swc	26.03.2013 10:53:26	
D49F2d01	Gepackt: Swf2Swc	26.03.2013 10:53:31	
B8558d01	Gepackt: Swf2Swc	26.03.2013 10:53:31	
811E8d01	Gepackt: Swf2Swc	26.03.2013 11:02:13	
3534Ed01	Gepackt: Swf2Swc	26.03.2013 11:03:12	
99253d01	Gepackt: Swf2Swc	26.03.2013 11:03:28	
627B4d01	Gepackt: Swf2Swc	26.03.2013 11:04:18	
9563Ed01	Gepackt: Swf2Swc	26.03.2013 11:04:18	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	26.03.2013 12:00:44	
$ObjId	Bearbeitungsfehler	26.03.2013 12:00:50	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	26.03.2013 12:23:35	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	26.03.2013 12:27:11	
$ObjId	Bearbeitungsfehler	26.03.2013 15:05:48	
E2738d01	Gepackt: Swf2Swc	26.03.2013 15:43:50	
BABEEd01	Gepackt: Swf2Swc	26.03.2013 16:00:02	
D1BF2d01	Gepackt: Swf2Swc	26.03.2013 16:00:11	
E660Fd01	Gepackt: Swf2Swc	26.03.2013 16:00:12	
E660Fd01	Gepackt: Swf2Swc	26.03.2013 16:00:31	
50F33d01	Gepackt: Swf2Swc	26.03.2013 16:00:32	
B54B6d01	Gepackt: Swf2Swc	26.03.2013 16:01:32	
9E6F7d01	Gepackt: Swf2Swc	26.03.2013 16:02:02	
55A95d01	Gepackt: Swf2Swc	26.03.2013 16:02:07	
6BFEEd01	Gepackt: Swf2Swc	26.03.2013 16:02:32	
9222Ed01	Gepackt: Swf2Swc	26.03.2013 16:03:21	
E3750d01	Gepackt: Swf2Swc	26.03.2013 16:03:36	
61805d01	Gepackt: Swf2Swc	26.03.2013 16:04:28	
64186d01	Gepackt: Swf2Swc	26.03.2013 16:04:30	
E9F24d01	Gepackt: Swf2Swc	26.03.2013 16:06:02	
D6ABAd01	Gepackt: Swf2Swc	26.03.2013 16:06:44	
C333Bd01	Gepackt: Swf2Swc	26.03.2013 16:06:44	
14DDEd01	Gepackt: Swf2Swc	26.03.2013 16:08:00	
17E4Fd01	Gepackt: Swf2Swc	26.03.2013 16:08:33	
D85E4d01	Gepackt: Swf2Swc	26.03.2013 16:08:54	
1AB83d01	Gepackt: Swf2Swc	26.03.2013 16:09:03	
E4283d01	Gepackt: Swf2Swc	26.03.2013 16:09:38	
94FD2d01	Gepackt: Swf2Swc	26.03.2013 16:09:38	
OTL.exe	Gepackt: PE_Patch.PECompact	26.03.2013 16:21:43	
PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 16:21:45	
PecBundle	Gepackt: PECompact	26.03.2013 16:21:46	
Outlook.pst	Bearbeitungsfehler	26.03.2013 16:21:59	
Outlook.pst	Bearbeitungsfehler	26.03.2013 16:23:38	
OTL5931.tmp	Gepackt: PE_Patch.PECompact	26.03.2013 16:25:20	
PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 16:25:20	
PecBundle	Gepackt: PECompact	26.03.2013 16:25:20	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	26.03.2013 16:29:31	
$ObjId	Bearbeitungsfehler	26.03.2013 16:29:31	
9F94Fd01	Gepackt: Swf2Swc	26.03.2013 17:14:28	
596AEd01	Gepackt: Swf2Swc	26.03.2013 17:14:48	
56338d01	Gepackt: Swf2Swc	26.03.2013 17:14:48	
Datei-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 17:26:34	
OTL.exe	Gepackt: PE_Patch.PECompact	26.03.2013 17:45:44	
PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 17:45:44	
PecBundle	Gepackt: PECompact	26.03.2013 17:45:44	
8FD5Ad01	Gepackt: Swf2Swc	26.03.2013 19:14:10	
gmer_2.1.19155.exe	Gepackt: UPX	26.03.2013 19:17:10	
Datum: Montag (32)	
Datei-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 08:43:34	
igfxress.dll	Bearbeitungsfehler	25.03.2013 09:20:46	
Datei-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 16:37:06	
8FA41d01	Gepackt: Swf2Swc	25.03.2013 17:55:06	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	25.03.2013 18:22:31	
$ObjId	Bearbeitungsfehler	25.03.2013 18:22:42	
$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	25.03.2013 18:44:58	
$ObjId	Bearbeitungsfehler	25.03.2013 18:45:00	
15691d01	Gepackt: Swf2Swc	25.03.2013 21:42:45	
8CBC6d01	Gepackt: Swf2Swc	25.03.2013 21:42:45	
5193Bd01	Gepackt: Swf2Swc	25.03.2013 21:43:07	
FCFE6d01	Gepackt: Swf2Swc	25.03.2013 21:43:07	
0B81Fd01	Gepackt: Swf2Swc	25.03.2013 21:44:19	
E2738d01	Gepackt: Swf2Swc	25.03.2013 21:45:27	
2B84Ed01	Gepackt: Swf2Swc	25.03.2013 21:48:57	
05692d01	Gepackt: Swf2Swc	25.03.2013 21:48:57	
65A35d01	Gepackt: Swf2Swc	25.03.2013 21:49:29	
2F710d01	Gepackt: Swf2Swc	25.03.2013 21:49:49	
43B02d01	Gepackt: Swf2Swc	25.03.2013 21:50:27	
43B02d01	Gepackt: Swf2Swc	25.03.2013 21:50:43	
3708Bd01	Gepackt: Swf2Swc	25.03.2013 21:50:50	
ECBBEd01	Gepackt: Swf2Swc	25.03.2013 21:50:51	
E3750d01	Gepackt: Swf2Swc	25.03.2013 21:50:51	
E660Fd01	Gepackt: Swf2Swc	25.03.2013 21:51:49	
05CBCd01	Gepackt: Swf2Swc	25.03.2013 21:53:10	
EDDF3d01	Gepackt: Swf2Swc	25.03.2013 21:57:57	
ED33Bd01	Gepackt: Swf2Swc	25.03.2013 21:58:11	
ED33Bd01	Gepackt: Swf2Swc	25.03.2013 21:58:27	
BEE82d01	Gepackt: Swf2Swc	25.03.2013 22:00:48	
E2A32d01	Gepackt: Swf2Swc	25.03.2013 22:01:58	
22508d01	Gepackt: Swf2Swc	25.03.2013 22:02:13	
6EBDBd01	Gepackt: Swf2Swc	25.03.2013 22:02:52

,

erkannte Bedrohungen

Code:

ATTFilter

Typ: trojanisches Programm (1)	
HEUR:Exploit.Java.CVE-2012-0507.gen	Gefunden; nicht verarbeitet	26.03.2013 10:07:24

,

Programmkontrolle

Code:

ATTFilter

Datum: Heute (2)	
30.03.2013 08:27:34	Spybot - Search & Destroy	Programm wurde verschoben in Gruppe Vertrauenswürdig	
30.03.2013 08:24:21	Firefox	Erlaubt: Installation von Hooks	
Datum: Gestern (22)	
29.03.2013 20:21:28	Microsoft Office Excel	Erlaubt: Installation von Hooks	
29.03.2013 18:55:45	Firefox	Erlaubt: Installation von Hooks	
29.03.2013 18:10:09	Microsoft Office Excel	Erlaubt: Installation von Hooks	
29.03.2013 17:28:45	Microsoft Office Word	Erlaubt: Installation von Hooks	
29.03.2013 17:28:13	Windows Explorer	Erlaubt: Installation von Hooks	
29.03.2013 17:23:17	Microsoft Office Excel	Erlaubt: Installation von Hooks	
29.03.2013 16:58:21	Firefox	Erlaubt: Installation von Hooks	
29.03.2013 16:01:24	your digital EPG	Erlaubt: Installation von Hooks	
29.03.2013 15:01:47	Firefox	Erlaubt: Installation von Hooks	
29.03.2013 14:50:02	Internet Explorer	Erlaubt: Installation von Hooks	
29.03.2013 11:56:21	Windows Media Player	Erlaubt: Installation von Hooks	
29.03.2013 10:53:54	MCULauncher.EXE	Erlaubt: Abfangen von eingehenden Ereignissen	
29.03.2013 10:53:08	Windows Media Player	Erlaubt: Installation von Hooks	
29.03.2013 10:03:59	Firefox	Erlaubt: Installation von Hooks	
29.03.2013 09:52:15	Microsoft Office Word	Erlaubt: Installation von Hooks	
29.03.2013 09:51:36	Windows Explorer	Erlaubt: Installation von Hooks	
29.03.2013 09:51:04	MPMINISIGSTUB.EXE	Programm wurde verschoben in Gruppe Vertrauenswürdig	
29.03.2013 09:51:01	AntiSpyware Definition Update	Programm wurde verschoben in Gruppe Vertrauenswürdig	
29.03.2013 09:49:15	Microsoft Office Excel	Erlaubt: Installation von Hooks	
29.03.2013 09:47:50	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
29.03.2013 09:46:45	Kaspersky Internet Security	Aufgabe wurde gestartet	
29.03.2013 09:09:32	Kaspersky Internet Security	Aufgabe wurde gestartet	
Datum: Donnerstag (20)	
28.03.2013 09:36:53	Kaspersky Internet Security	Aufgabe wurde gestartet	
28.03.2013 09:38:15	Microsoft Office Excel	Erlaubt: Installation von Hooks	
28.03.2013 09:38:21	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
28.03.2013 10:38:57	Internet Explorer	Erlaubt: Installation von Hooks	
28.03.2013 11:03:32	Firefox	Erlaubt: Installation von Hooks	
28.03.2013 11:42:52	Microsoft Office Excel	Erlaubt: Installation von Hooks	
28.03.2013 12:16:42	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
28.03.2013 13:33:09	Windows Explorer	Erlaubt: Installation von Hooks	
28.03.2013 13:56:08	Windows Explorer	Erlaubt: Installation von Hooks	
28.03.2013 14:07:12	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
28.03.2013 16:45:51	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
28.03.2013 16:46:37	Microsoft Office Excel	Erlaubt: Installation von Hooks	
28.03.2013 16:51:40	Internet Explorer	Erlaubt: Installation von Hooks	
28.03.2013 19:16:18	Windows Media Player	Erlaubt: Installation von Hooks	
28.03.2013 19:20:51	MCULauncher.EXE	Erlaubt: Abfangen von eingehenden Ereignissen	
28.03.2013 19:37:22	Windows Media Player	Erlaubt: Installation von Hooks	
28.03.2013 19:53:49	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
28.03.2013 20:18:57	Microsoft Office Excel	Erlaubt: Installation von Hooks	
28.03.2013 23:13:16	Windows Explorer	Erlaubt: Installation von Hooks	
28.03.2013 23:16:37	Microsoft Office Excel	Erlaubt: Installation von Hooks	
Datum: Mittwoch (26)	
27.03.2013 09:10:12	Kaspersky Internet Security	Aufgabe wurde gestartet	
27.03.2013 09:14:56	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
27.03.2013 09:15:23	Firefox	Erlaubt: Installation von Hooks	
27.03.2013 09:21:01	Microsoft Office Excel	Erlaubt: Installation von Hooks	
27.03.2013 11:10:53	OTL.exe	Programm wurde verschoben in Gruppe Vertrauenswürdig	
27.03.2013 11:36:42	Windows Media Player	Erlaubt: Installation von Hooks	
27.03.2013 11:38:41	Windows Explorer	Erlaubt: Installation von Hooks	
27.03.2013 11:39:05	Windows Explorer	Erlaubt: Installation von Hooks	
27.03.2013 11:41:37	Windows Media Player	Erlaubt: Installation von Hooks	
27.03.2013 11:54:02	Microsoft Office Word	Erlaubt: Installation von Hooks	
27.03.2013 12:46:05	PDFSAVE.EXE	Erlaubt: Installation von Hooks	
27.03.2013 12:47:00	Internet Explorer	Erlaubt: Installation von Hooks	
27.03.2013 13:09:42	Microsoft Office Word	Erlaubt: Installation von Hooks	
27.03.2013 13:22:58	Windows Media Player	Erlaubt: Installation von Hooks	
27.03.2013 13:23:35	Zb Module	Erlaubt: Verwendung von Programmschnittstellen anderer Prozesse	
27.03.2013 13:27:04	Microsoft Office Excel	Erlaubt: Installation von Hooks	
27.03.2013 13:35:53	Windows Media Player	Erlaubt: Installation von Hooks	
27.03.2013 13:36:24	Microsoft Office Excel	Erlaubt: Installation von Hooks	
27.03.2013 14:07:13	Firefox	Erlaubt: Installation von Hooks	
27.03.2013 15:34:28	Firefox	Erlaubt: Installation von Hooks	
27.03.2013 18:02:50	Microsoft Office Excel	Erlaubt: Installation von Hooks	
27.03.2013 19:18:14	Microsoft Office Excel	Erlaubt: Installation von Hooks	
27.03.2013 21:00:42	Microsoft Office Excel	Erlaubt: Installation von Hooks	
27.03.2013 21:13:36	Microsoft Office Excel	Erlaubt: Installation von Hooks	
27.03.2013 21:42:41	Firefox	Erlaubt: Installation von Hooks	
27.03.2013 22:11:55	Microsoft Office Excel	Erlaubt: Installation von Hooks	
Datum: Dienstag (55)	
26.03.2013 09:05:45	Kaspersky Internet Security	Aufgabe wurde gestartet	
26.03.2013 09:08:53	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
26.03.2013 09:11:56	Internet Explorer	Erlaubt: Installation von Hooks	
26.03.2013 09:16:21	MPAS-D_BD_1.147.212.0.EXE	Programm wurde verschoben in Gruppe Vertrauenswürdig	
26.03.2013 09:16:24	mpminisigstub.exe	Programm wurde verschoben in Gruppe Vertrauenswürdig	
26.03.2013 09:17:08	Internet Explorer	Erlaubt: Installation von Hooks	
26.03.2013 09:23:00	Internet Explorer	Erlaubt: Installation von Hooks	
26.03.2013 09:26:43	Firefox	Erlaubt: Installation von Hooks	
26.03.2013 09:35:20	Microsoft Office Excel	Erlaubt: Installation von Hooks	
26.03.2013 09:48:50	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
26.03.2013 10:02:37	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
26.03.2013 10:03:07	Internet Explorer	Erlaubt: Installation von Hooks	
26.03.2013 10:23:19	Kaspersky Internet Security	Aufgabe wurde gestartet	
26.03.2013 10:26:37	 Malwarebytes Anti-Malware 	Programm wurde verschoben in Gruppe Vertrauenswürdig	
26.03.2013 10:26:46	Unbekannt	Erlaubt: Starten eines Treibers	
26.03.2013 10:27:00	Firefox	Erlaubt: Installation von Hooks	
26.03.2013 10:28:12	Unbekannt	Erlaubt: Starten eines Treibers	
26.03.2013 10:34:25	Unbekannt	Erlaubt: Starten eines Treibers	
26.03.2013 10:39:14	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
26.03.2013 10:49:36	Notepad	Programm wurde verschoben in Gruppe Vertrauenswürdig	
26.03.2013 11:10:58	DEFOGGER.EXE	Programm wurde verschoben in Gruppe Vertrauenswürdig	
26.03.2013 12:01:37	Windows Explorer	Erlaubt: Installation von Hooks	
26.03.2013 12:02:12	Microsoft Office Word	Erlaubt: Installation von Hooks	
26.03.2013 12:02:53	Microsoft Office Excel	Erlaubt: Installation von Hooks	
26.03.2013 12:05:15	Windows Explorer	Erlaubt: Installation von Hooks	
26.03.2013 12:05:33	Microsoft Office Word	Erlaubt: Installation von Hooks	
26.03.2013 12:12:45	Microsoft Office Excel	Erlaubt: Installation von Hooks	
26.03.2013 12:22:47	Windows Explorer	Erlaubt: Installation von Hooks	
26.03.2013 12:23:06	Microsoft Office Word	Erlaubt: Installation von Hooks	
26.03.2013 15:26:46	Internet Explorer	Erlaubt: Installation von Hooks	
26.03.2013 15:33:05	Internet Explorer	Erlaubt: Installation von Hooks	
26.03.2013 15:39:03	Windows Media Player	Erlaubt: Installation von Hooks	
26.03.2013 15:39:15	Media Foundation Protected Pipeline EXE	Programm wurde verschoben in Gruppe Vertrauenswürdig	
26.03.2013 15:39:57	Windows Explorer	Erlaubt: Installation von Hooks	
26.03.2013 15:40:25	Windows Explorer	Erlaubt: Installation von Hooks	
26.03.2013 15:45:21	Microsoft Office Word	Erlaubt: Installation von Hooks	
26.03.2013 15:53:42	Microsoft Office Excel	Erlaubt: Installation von Hooks	
26.03.2013 16:11:34	Notepad	Programm wurde verschoben in Gruppe Vertrauenswürdig	
26.03.2013 16:14:38	Windows Explorer	Erlaubt: Installation von Hooks	
26.03.2013 16:21:46	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
26.03.2013 16:25:00	Windows Explorer	Erlaubt: Installation von Hooks	
26.03.2013 16:25:26	OTL.exe	Programm wurde verschoben in Gruppe Schwach beschränkt	
26.03.2013 16:25:38	Firefox	Erlaubt: Installation von Hooks	
26.03.2013 16:26:26	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
26.03.2013 16:27:08	Microsoft Office Word	Erlaubt: Installation von Hooks	
26.03.2013 16:28:57	OTL.exe	Erlaubt: Zuweisen von Debugger-Rechten	
26.03.2013 16:30:02	OTL.exe	Erlaubt: Veränderung von Rechten für Objekte	
26.03.2013 16:42:05	OTL.exe	Erlaubt: Dienst für Änderung öffnen	
26.03.2013 17:14:02	Firefox	Erlaubt: Installation von Hooks	
26.03.2013 17:17:16	Notepad	Erlaubt: Installation von Hooks	
26.03.2013 17:17:51	Windows Explorer	Erlaubt: Installation von Hooks	
26.03.2013 17:26:34	Kaspersky Internet Security	Aufgabe wurde gestartet	
26.03.2013 18:57:35	Microsoft Office Excel	Erlaubt: Installation von Hooks	
26.03.2013 19:00:22	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
26.03.2013 19:13:56	Firefox	Erlaubt: Installation von Hooks	
Datum: Montag (16)	
25.03.2013 08:43:34	Kaspersky Internet Security	Aufgabe wurde gestartet	
25.03.2013 08:46:28	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
25.03.2013 08:52:09	Internet Explorer	Erlaubt: Installation von Hooks	
25.03.2013 09:15:19	Microsoft Office Excel	Erlaubt: Installation von Hooks	
25.03.2013 16:37:06	Kaspersky Internet Security	Aufgabe wurde gestartet	
25.03.2013 16:38:51	Microsoft Office Outlook	Erlaubt: Installation von Hooks	
25.03.2013 16:39:50	Firefox	Erlaubt: Installation von Hooks	
25.03.2013 16:41:43	Windows Explorer	Erlaubt: Installation von Hooks	
25.03.2013 16:42:13	Microsoft Office Word	Erlaubt: Installation von Hooks	
25.03.2013 16:46:30	Microsoft Office Excel	Erlaubt: Installation von Hooks	
25.03.2013 17:15:03	Internet Explorer	Erlaubt: Installation von Hooks	
25.03.2013 17:56:49	Microsoft Office Excel	Erlaubt: Installation von Hooks	
25.03.2013 20:15:01	Microsoft Office Excel	Erlaubt: Installation von Hooks	
25.03.2013 21:37:08	Internet Explorer	Erlaubt: Installation von Hooks	
25.03.2013 21:42:00	Firefox	Erlaubt: Installation von Hooks	
25.03.2013 22:56:25	Microsoft Office Excel	Erlaubt: Installation von Hooks

,

Schutzcenter

Code:

ATTFilter

Datum: Heute (7)	
Spybot - Search & Destroy	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	30.03.2013 08:27:34	
Firefox	68BA2d01	Gepackt: Swf2Swc	30.03.2013 08:26:13	
Firefox	6633Ad01	Gepackt: Swf2Swc	30.03.2013 08:26:10	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	30.03.2013 08:24:21	
Microsoft Office Outlook		Gepackt: Html2Rtf	30.03.2013 08:23:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	30.03.2013 08:23:38	
Kaspersky Internet Security		Die Datenbanken sind veraltet	30.03.2013 08:16:15	
Datum: Gestern (182)	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 20:26:04	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 20:21:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 20:20:46	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 20:20:40	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	29.03.2013 20:07:46	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	29.03.2013 20:07:12	
Firefox	ECDD0d01	Gepackt: Swf2Swc	29.03.2013 19:11:17	
Firefox	03461d01	Gepackt: Swf2Swc	29.03.2013 19:10:05	
Firefox	71EDCd01	Gepackt: Swf2Swc	29.03.2013 19:10:05	
Firefox	96AC9d01	Gepackt: Swf2Swc	29.03.2013 19:10:05	
Firefox	7447Dd01	Gepackt: Swf2Swc	29.03.2013 19:09:46	
Firefox	BC6D5d01	Gepackt: Swf2Swc	29.03.2013 19:08:51	
Firefox	F071Ad01	Gepackt: Swf2Swc	29.03.2013 19:08:50	
Firefox	846EDd01	Gepackt: Swf2Swc	29.03.2013 19:08:49	
Firefox	4A58Fd01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
Firefox	6B03Ed01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
Firefox	E49A5d01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
Firefox	5EBDEd01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
Firefox	6D5DCd01	Gepackt: Swf2Swc	29.03.2013 19:08:44	
Firefox	633B7d01	Gepackt: Swf2Swc	29.03.2013 19:08:36	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	29.03.2013 19:06:31	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	29.03.2013 19:05:37	
Firefox	E3614d01	Gepackt: Swf2Swc	29.03.2013 19:04:02	
Firefox	0B81Fd01	Gepackt: Swf2Swc	29.03.2013 19:03:43	
Firefox	6F4A6d01	Gepackt: Swf2Swc	29.03.2013 19:03:34	
Firefox	6A29Ed01	Gepackt: Swf2Swc	29.03.2013 19:02:08	
Firefox	E069Bd01	Gepackt: Swf2Swc	29.03.2013 19:02:08	
Firefox	FCFE6d01	Gepackt: Swf2Swc	29.03.2013 19:01:56	
Firefox	5193Bd01	Gepackt: Swf2Swc	29.03.2013 19:01:56	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 18:55:45	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 18:10:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 17:32:06	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 17:28:45	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 17:28:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 17:25:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 17:25:09	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 17:23:17	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 17:06:21	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	29.03.2013 17:04:38	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	29.03.2013 17:04:06	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 16:59:27	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 16:58:21	
Firefox	2F13Fd01	Gepackt: Swf2Swc	29.03.2013 16:04:21	
your digital EPG	DWMAPI.DLL	Erlaubt: Installation von Hooks	29.03.2013 16:01:24	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 16:01:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 16:01:06	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 16:01:02	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 15:59:20	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 15:36:55	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 15:36:55	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 15:36:29	
Microsoft Office Outlook	Outlook.pst	Bearbeitungsfehler	29.03.2013 15:29:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 15:21:45	
Firefox	BEE99d01	Gepackt: Swf2Swc	29.03.2013 15:21:13	
Firefox	84CBBd01	Gepackt: Swf2Swc	29.03.2013 15:17:25	
Firefox	8FD5Ad01	Gepackt: Swf2Swc	29.03.2013 15:06:06	
Firefox	CA753d01	Gepackt: Swf2Swc	29.03.2013 15:03:35	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	29.03.2013 15:03:12	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	29.03.2013 15:02:17	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 15:01:47	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 15:01:07	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 15:01:06	
Firefox	E3750d01	Gepackt: Swf2Swc	29.03.2013 15:00:04	
Firefox	83941d01	Gepackt: Swf2Swc	29.03.2013 15:00:03	
Firefox	046BFd01	Gepackt: Swf2Swc	29.03.2013 14:59:36	
Firefox	2DC37d01	Gepackt: Swf2Swc	29.03.2013 14:58:37	
Firefox	5B0D2d01	Gepackt: Swf2Swc	29.03.2013 14:57:55	
Firefox	539ECd01	Gepackt: Swf2Swc	29.03.2013 14:57:01	
Firefox	6674Cd01	Gepackt: Swf2Swc	29.03.2013 14:56:41	
Firefox	4DBA1d01	Gepackt: Swf2Swc	29.03.2013 14:56:33	
Firefox	E660Fd01	Gepackt: Swf2Swc	29.03.2013 14:56:32	
Internet Explorer	chart9[1].swf	Gepackt: Swf2Swc	29.03.2013 14:51:30	
Internet Explorer	chart9[1].swf	Gepackt: Swf2Swc	29.03.2013 14:51:27	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 14:50:02	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 14:49:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 14:48:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:56:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:56:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:48:03	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:47:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:47:47	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:47:05	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:45:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:45:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:45:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:42:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:41:17	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:41:16	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:41:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:41:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:41:02	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:41:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 12:40:59	
Windows Media Player	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 11:56:21	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:55:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:55:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:52:47	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:51:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:48:40	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:45:38	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde abgeschlossen	29.03.2013 11:39:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:36:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:17	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:10	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:35:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 11:34:46	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	29.03.2013 11:34:02	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	29.03.2013 11:32:40	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde gestartet	29.03.2013 11:22:40	
MCULauncher.EXE	explorer.exe	Erlaubt: Abfangen von eingehenden Ereignissen	29.03.2013 10:53:54	
Windows Media Player	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 10:53:08	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	29.03.2013 10:52:43	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	29.03.2013 10:52:39	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 10:03:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 10:02:38	
Host Process for Windows Services	avp.exe	Verboten	29.03.2013 09:57:39	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 09:52:15	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 09:51:36	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:51:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:51:25	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:51:24	
MPMINISIGSTUB.EXE	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	29.03.2013 09:51:04	
AntiSpyware Definition Update	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	29.03.2013 09:51:01	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 09:49:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:45	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:29	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:29	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:48:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	29.03.2013 09:47:58	
Task Scheduler Engine	avp.exe	Verboten	29.03.2013 09:47:56	
Windows Explorer	avp.exe	Verboten	29.03.2013 09:47:56	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	29.03.2013 09:47:50	
Kaspersky Internet Security		Der Schutz wurde aktiviert	29.03.2013 09:46:45	
Kaspersky Internet Security		Der Schutz wurde aktiviert	29.03.2013 09:46:45	
Kaspersky Internet Security	Firewall	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security	Web-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security			29.03.2013 09:46:45	
Kaspersky Internet Security		Der Schutz funktioniert nicht	29.03.2013 09:46:45	
Kaspersky Internet Security			29.03.2013 09:46:45	
Kaspersky Internet Security	Aktivitätsmonitor	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security	Proaktiver Schutz	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security	Mail-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security	IM-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security	Schutz vor Netzwerkangriffen	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security	Programmkontrolle	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security	Datei-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security	Anti-Spam	Aufgabe wurde gestartet	29.03.2013 09:46:45	
Kaspersky Internet Security		Es gibt unverarbeitete Objekte	29.03.2013 09:46:43	
Unbekanntes Programm	04	Verboten	29.03.2013 09:46:03	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde gestartet	29.03.2013 09:39:41	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	29.03.2013 09:32:11	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	29.03.2013 09:27:00	
Kaspersky Internet Security	Datei-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security	Firewall	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security	Web-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security			29.03.2013 09:09:32	
Kaspersky Internet Security			29.03.2013 09:09:32	
Kaspersky Internet Security	Aktivitätsmonitor	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security	Proaktiver Schutz	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security	Mail-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security	IM-Anti-Virus	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security	Schutz vor Netzwerkangriffen	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security	Programmkontrolle	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security	Anti-Spam	Aufgabe wurde gestartet	29.03.2013 09:09:32	
Kaspersky Internet Security		Es gibt unverarbeitete Objekte	29.03.2013 09:09:32	
Datum: Donnerstag (229)	
Kaspersky Internet Security		Es gibt unverarbeitete Objekte	28.03.2013 09:36:51	
Kaspersky Internet Security	Anti-Spam	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Kaspersky Internet Security	Datei-Anti-Virus	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Kaspersky Internet Security	Programmkontrolle	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Kaspersky Internet Security	Firewall	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Kaspersky Internet Security	IM-Anti-Virus	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Kaspersky Internet Security	Mail-Anti-Virus	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Kaspersky Internet Security	Aktivitätsmonitor	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Kaspersky Internet Security			28.03.2013 09:36:53	
Kaspersky Internet Security			28.03.2013 09:36:53	
Kaspersky Internet Security	Web-Anti-Virus	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Kaspersky Internet Security	Schutz vor Netzwerkangriffen	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Kaspersky Internet Security	Proaktiver Schutz	Aufgabe wurde gestartet	28.03.2013 09:36:53	
Host Process for Windows Services	avp.exe	Verboten	28.03.2013 09:37:03	
Kaspersky Internet Security		Der Schutz wurde aktiviert	28.03.2013 09:37:47	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 09:38:15	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 09:38:21	
Microsoft Windows Search Indexer	file_cache	Verboten	28.03.2013 09:38:26	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:55:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:17	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:17	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:20	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:20	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:21	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:21	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:22	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	28.03.2013 09:57:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:24	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:24	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:25	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:25	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:25	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:37	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:40	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:57:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:58:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:58:01	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:58:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:58:10	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:58:11	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:58:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:58:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 09:58:13	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	28.03.2013 10:03:52	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	28.03.2013 10:06:21	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	28.03.2013 10:06:21	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde gestartet	28.03.2013 10:07:04	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde abgeschlossen	28.03.2013 10:21:19	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:38:46	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 10:38:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:42:01	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:42:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:43:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:45:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:45:41	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:45:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:45:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:45:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:45:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:45:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:46:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:46:04	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:46:05	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:46:11	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:49:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:49:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:49:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:50:41	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:50:45	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:51:10	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:51:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:51:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:51:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:52:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:53:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:54:16	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:58:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:58:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:58:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:58:55	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:58:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 10:58:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:02:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:02:42	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 11:03:32	
Firefox	E2738d01	Gepackt: Swf2Swc	28.03.2013 11:22:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:25:37	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:25:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:25:43	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:25:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:25:45	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:25:46	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:25:46	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:25:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:26:04	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:26:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:26:11	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:26:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:40:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:41:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:41:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:41:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:41:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:41:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 11:42:02	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 11:42:52	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	28.03.2013 12:05:20	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	28.03.2013 12:06:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 12:16:16	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 12:16:25	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 12:16:27	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 12:16:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 12:16:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 12:17:07	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:01:07	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:01:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:01:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:04:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:10:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:10:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:10:43	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:10:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:10:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:10:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:10:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:30:19	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 13:33:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 13:35:23	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 13:56:08	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 14:07:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:07:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:07:21	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:07:21	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:07:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:07:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:07:23	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	28.03.2013 14:07:39	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	28.03.2013 14:08:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:08:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:12:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:12:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:14:03	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:14:07	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 14:14:12	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 16:45:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:46:01	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:46:10	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:46:11	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:46:11	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:46:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:46:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:46:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:46:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:46:34	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 16:46:37	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 16:50:56	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 16:51:40	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	28.03.2013 17:00:52	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	28.03.2013 17:01:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 17:13:35	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 17:13:36	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 17:42:24	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 17:42:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 17:42:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 17:47:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 17:54:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 18:45:10	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	28.03.2013 19:02:58	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	28.03.2013 19:04:23	
Windows Media Player	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 19:16:18	
MCULauncher.EXE	zoombrowser.exe	Erlaubt: Abfangen von eingehenden Ereignissen	28.03.2013 19:20:51	
Windows Media Player	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 19:37:22	
Windows Problem Reporting	adp94xx.sys	Gepackt: PE_Patch	28.03.2013 19:48:30	
Windows Problem Reporting	adpahci.sys	Gepackt: PE_Patch	28.03.2013 19:48:30	
Windows Problem Reporting	adpu160m.sys	Gepackt: PE_Patch	28.03.2013 19:48:31	
Windows Problem Reporting	adpu320.sys	Gepackt: PE_Patch	28.03.2013 19:48:31	
Windows Problem Reporting	E1G60I32.sys	Gepackt: PE_Patch	28.03.2013 19:48:34	
Windows Problem Reporting	elxstor.sys	Gepackt: PE_Patch	28.03.2013 19:48:34	
Windows Problem Reporting	HpCISSs.sys	Gepackt: PE_Patch	28.03.2013 19:48:37	
Windows Problem Reporting	iirsp.sys	Gepackt: PE_Patch	28.03.2013 19:48:38	
Windows Problem Reporting	PE_Patch	Gepackt: PE_Patch	28.03.2013 19:48:38	
Windows Problem Reporting	iteraid.sys	Gepackt: PE_Patch	28.03.2013 19:48:38	
Windows Problem Reporting	lsi_scsi.sys	Gepackt: PE_Patch	28.03.2013 19:49:43	
Windows Problem Reporting	megasas.sys	Gepackt: PE_Patch	28.03.2013 19:49:44	
Windows Problem Reporting	Mraid35x.sys	Gepackt: PE_Patch	28.03.2013 19:49:44	
Windows Problem Reporting	NETw3v32.sys	Gepackt: PE_Patch	28.03.2013 19:49:45	
Windows Problem Reporting	nfrd960.sys	Gepackt: PE_Patch	28.03.2013 19:49:45	
Windows Problem Reporting	NTRIGDIGI.SYS	Gepackt: PE_Patch	28.03.2013 19:49:45	
Windows Problem Reporting	ql2300.sys	Gepackt: PE_Patch	28.03.2013 19:49:47	
Windows Problem Reporting	Rtnicxp.sys	Gepackt: PE_Patch	28.03.2013 19:49:48	
Windows Problem Reporting	symc8xx.sys	Gepackt: PE_Patch	28.03.2013 19:49:49	
Windows Problem Reporting	sym_hi.sys	Gepackt: PE_Patch	28.03.2013 19:49:50	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 19:53:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 19:53:51	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	28.03.2013 19:54:29	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 19:59:27	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 20:18:57	
Firefox	AA08Dd01	Gepackt: Swf2Swc	28.03.2013 20:21:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 20:32:43	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 20:34:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 20:34:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 20:34:31	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	28.03.2013 22:36:27	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 23:13:16	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 23:16:06	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 23:16:07	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 23:16:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 23:16:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 23:16:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 23:16:20	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	28.03.2013 23:16:37	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 23:20:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 23:20:41	
Microsoft Office Outlook		Gepackt: Html2Rtf	28.03.2013 23:21:26	
Client Server Runtime Process	avp.exe	Verboten	28.03.2013 23:21:52	
Client Server Runtime Process	avp.exe	Verboten	28.03.2013 23:22:20	
Kaspersky Internet Security		Der Schutz wurde aktiviert	28.03.2013 23:23:12	
Kaspersky Internet Security		Der Schutz funktioniert nicht	28.03.2013 23:23:15	
Datum: Mittwoch (271)	
Firefox	ED33Bd01	Gepackt: Swf2Swc	27.03.2013 15:47:47	
Firefox	6BFEEd01	Gepackt: Swf2Swc	27.03.2013 15:48:02	
Firefox	EFDE0d01	Gepackt: Swf2Swc	27.03.2013 15:48:17	
Firefox	5B49Fd01	Gepackt: Swf2Swc	27.03.2013 15:48:17	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde gestartet	27.03.2013 15:53:27	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde beendet	27.03.2013 16:17:16	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:17:43	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:17:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:17:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:17:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:17:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:18:07	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:18:07	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:19:01	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:19:04	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 16:19:23	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 16:41:52	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	27.03.2013 16:41:57	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	27.03.2013 16:42:06	
Kaspersky Internet Security	Update	Störung in Aufgabe	27.03.2013 16:42:49	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde gestartet	27.03.2013 16:42:50	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 17:07:04	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde abgeschlossen	27.03.2013 17:52:15	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	27.03.2013 17:53:36	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	27.03.2013 18:01:16	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 18:02:50	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	27.03.2013 18:04:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:06:24	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:07:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:08:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:08:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:08:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:09:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:09:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:10:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:10:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 18:10:15	
Firefox	E660Fd01	Gepackt: Swf2Swc	27.03.2013 18:11:00	
Firefox	ED33Bd01	Gepackt: Swf2Swc	27.03.2013 18:42:25	
Firefox	E3750d01	Gepackt: Swf2Swc	27.03.2013 18:44:00	
Firefox	7BAA7d01	Gepackt: Swf2Swc	27.03.2013 18:44:02	
Firefox	C8C37d01	Gepackt: Swf2Swc	27.03.2013 18:45:19	
Firefox	59BF6d01	Gepackt: Swf2Swc	27.03.2013 18:45:30	
Firefox	6F4A6d01	Gepackt: Swf2Swc	27.03.2013 18:46:48	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 18:53:43	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	27.03.2013 18:53:43	
Firefox	B54B6d01	Gepackt: Swf2Swc	27.03.2013 19:04:15	
Firefox	8EB80d01	Gepackt: Swf2Swc	27.03.2013 19:04:17	
Firefox	AFF99d01	Gepackt: Swf2Swc	27.03.2013 19:04:34	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 19:18:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 19:45:06	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 19:45:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 19:45:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 19:45:11	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 19:47:15	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	27.03.2013 20:04:53	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	27.03.2013 20:06:37	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	27.03.2013 20:08:47	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 20:52:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 20:52:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 20:52:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 20:54:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 20:59:43	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 21:00:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:06:43	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:06:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:07:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:07:16	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:07:16	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:07:18	
Host Process for Windows Services	OTL.exe	Gepackt: PE_Patch.PECompact	27.03.2013 21:10:17	
Host Process for Windows Services	PE_Patch.PECompact	Gepackt: PecBundle	27.03.2013 21:10:18	
Host Process for Windows Services	PecBundle	Gepackt: PECompact	27.03.2013 21:10:19	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:11:05	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:12:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:13:01	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:13:11	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 21:13:36	
Host Process for Windows Services	gmer_2.1.19155.exe	Gepackt: UPX	27.03.2013 21:18:58	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 21:42:41	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 21:43:23	
Firefox	E2738d01	Gepackt: Swf2Swc	27.03.2013 21:44:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:45:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 21:45:46	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	27.03.2013 22:06:37	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	27.03.2013 22:07:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 22:11:34	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 22:11:55	
Kaspersky Internet Security		Spam	27.03.2013 22:15:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 22:15:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 22:15:38	
Client Server Runtime Process	avp.exe	Verboten	27.03.2013 22:16:02	
Client Server Runtime Process	avp.exe	Verboten	27.03.2013 22:16:30	
Kaspersky Internet Security		Der Schutz funktioniert nicht	27.03.2013 22:17:18	
Kaspersky Internet Security		Es gibt unverarbeitete Objekte	27.03.2013 09:10:12	
Kaspersky Internet Security	Anti-Spam	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Kaspersky Internet Security	Datei-Anti-Virus	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Kaspersky Internet Security	Programmkontrolle	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Kaspersky Internet Security	Schutz vor Netzwerkangriffen	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Kaspersky Internet Security	IM-Anti-Virus	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Kaspersky Internet Security	Mail-Anti-Virus	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Kaspersky Internet Security	Proaktiver Schutz	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Kaspersky Internet Security	Aktivitätsmonitor	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Kaspersky Internet Security			27.03.2013 09:10:12	
Kaspersky Internet Security			27.03.2013 09:10:12	
Kaspersky Internet Security	Web-Anti-Virus	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Kaspersky Internet Security	Firewall	Aufgabe wurde gestartet	27.03.2013 09:10:12	
Microsoft Windows Search Indexer	SysWHist	Verboten	27.03.2013 09:10:16	
Kaspersky Internet Security		Der Schutz wurde aktiviert	27.03.2013 09:10:25	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 09:14:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:15:06	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 09:15:23	
Firefox	D6ABAd01	Gepackt: Swf2Swc	27.03.2013 09:16:00	
Firefox	01454d01	Gepackt: Swf2Swc	27.03.2013 09:16:23	
Firefox	65A35d01	Gepackt: Swf2Swc	27.03.2013 09:16:29	
Firefox	E0803d01	Gepackt: Swf2Swc	27.03.2013 09:16:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:16:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:05	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:05	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:19	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:19	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:20	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:29	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:46	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:17:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:20:31	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 09:21:01	
Host Process for Windows Services	avp.exe	Verboten	27.03.2013 09:22:05	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	27.03.2013 09:25:14	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	27.03.2013 09:28:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:28:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:28:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:28:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:28:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:28:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:29:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:29:20	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:29:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:30:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:30:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:31:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:31:20	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:31:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:31:26	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:31:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:31:43	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:31:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:32:19	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:32:21	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 09:32:24	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 09:55:25	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	27.03.2013 09:55:27	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde gestartet	27.03.2013 09:55:37	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde beendet	27.03.2013 09:56:21	
Microsoft Office Outlook	Outlook.pst	Bearbeitungsfehler	27.03.2013 10:17:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 10:21:06	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 10:21:10	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 10:21:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 10:21:16	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde gestartet	27.03.2013 10:25:37	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 10:26:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 10:26:47	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde abgeschlossen	27.03.2013 10:40:30	
OTL.exe	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	27.03.2013 11:10:53	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	27.03.2013 11:28:51	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	27.03.2013 11:29:43	
Windows Media Player	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 11:36:42	
Firefox	E0803d01	Gepackt: Swf2Swc	27.03.2013 11:38:36	
Firefox	65A35d01	Gepackt: Swf2Swc	27.03.2013 11:38:36	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 11:38:41	
Firefox	046BFd01	Gepackt: Swf2Swc	27.03.2013 11:38:42	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 11:39:05	
Windows Media Player	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 11:41:37	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 11:54:02	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	27.03.2013 11:56:38	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	27.03.2013 11:56:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:57:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:57:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:57:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:57:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:57:55	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:57:55	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:59:07	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:59:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:59:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:59:55	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:59:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 11:59:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 12:00:01	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 12:00:07	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 12:00:14	
Firefox	05692d01	Gepackt: Swf2Swc	27.03.2013 12:01:04	
Firefox	539ECd01	Gepackt: Swf2Swc	27.03.2013 12:01:05	
Firefox	E72ABd01	Gepackt: Swf2Swc	27.03.2013 12:01:34	
Firefox	88CBAd01	Gepackt: Swf2Swc	27.03.2013 12:10:25	
Firefox	43B02d01	Gepackt: Swf2Swc	27.03.2013 12:10:26	
Firefox	457ACd01	Gepackt: Swf2Swc	27.03.2013 12:10:26	
Firefox	193DBd01	Gepackt: Swf2Swc	27.03.2013 12:10:52	
Firefox	ED33Bd01	Gepackt: Swf2Swc	27.03.2013 12:10:52	
Firefox	E660Fd01	Gepackt: Swf2Swc	27.03.2013 12:12:24	
Firefox	E3750d01	Gepackt: Swf2Swc	27.03.2013 12:12:41	
Firefox	2B509d01	Gepackt: Swf2Swc	27.03.2013 12:12:47	
Firefox	F5ACCd01	Gepackt: Swf2Swc	27.03.2013 12:12:47	
Firefox	F8F0Cd01	Gepackt: Swf2Swc	27.03.2013 12:15:05	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 12:15:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 12:15:24	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 12:15:29	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 12:15:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 12:17:00	
Windows Explorer	OTL.exe	Gepackt: PE_Patch.PECompact	27.03.2013 12:32:49	
Windows Explorer	PE_Patch.PECompact	Gepackt: PecBundle	27.03.2013 12:32:49	
Windows Explorer	PecBundle	Gepackt: PECompact	27.03.2013 12:32:50	
PDFSAVE.EXE	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 12:46:05	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 12:47:00	
Firefox	gmer_2.1.19155.exe	Gepackt: UPX	27.03.2013 12:54:59	
Firefox	jxpiinstall(1).exe	Gepackt: UPX	27.03.2013 12:55:00	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 13:09:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 13:10:38	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	27.03.2013 13:22:45	
Kaspersky Internet Security	Update	Störung in Aufgabe	27.03.2013 13:22:49	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde gestartet	27.03.2013 13:22:50	
Windows Media Player	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 13:22:58	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde beendet	27.03.2013 13:23:11	
Zb Module	OLEB082CE3A50814AD28D7D491ED9F2	Erlaubt: Verwendung von Programmschnittstellen anderer Prozesse	27.03.2013 13:23:35	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 13:27:04	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 13:31:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 13:33:43	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 13:35:39	
Windows Media Player	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 13:35:53	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 13:36:24	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 13:37:51	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 14:07:13	
Firefox	2F13Fd01	Gepackt: Swf2Swc	27.03.2013 14:07:44	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	27.03.2013 15:17:41	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	27.03.2013 15:19:26	
Host Process for Windows Services	OTL.exe	Gepackt: PE_Patch.PECompact	27.03.2013 15:20:32	
Host Process for Windows Services	PE_Patch.PECompact	Gepackt: PecBundle	27.03.2013 15:20:32	
Host Process for Windows Services	PecBundle	Gepackt: PECompact	27.03.2013 15:20:32	
Host Process for Windows Services	gmer_2.1.19155.exe	Gepackt: UPX	27.03.2013 15:23:06	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 15:34:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	27.03.2013 15:34:18	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	27.03.2013 15:34:28	
Firefox	2F13Fd01	Gepackt: Swf2Swc	27.03.2013 15:34:40	
Firefox	7DEDEd01	Gepackt: Swf2Swc	27.03.2013 15:36:08	
Firefox	5193Bd01	Gepackt: Swf2Swc	27.03.2013 15:36:23	
Firefox	FCFE6d01	Gepackt: Swf2Swc	27.03.2013 15:36:23	
Firefox	113F0d01	Gepackt: Swf2Swc	27.03.2013 15:36:34	
Firefox	4C810d01	Gepackt: Swf2Swc	27.03.2013 15:36:34	
Firefox	B54B6d01	Gepackt: Swf2Swc	27.03.2013 15:37:24	
Firefox	E660Fd01	Gepackt: Swf2Swc	27.03.2013 15:38:09	
Firefox	05CBCd01	Gepackt: Swf2Swc	27.03.2013 15:38:30	
Firefox	E72ABd01	Gepackt: Swf2Swc	27.03.2013 15:39:28	
Firefox	30D7Cd01	Gepackt: Swf2Swc	27.03.2013 15:39:31	
Firefox	E3750d01	Gepackt: Swf2Swc	27.03.2013 15:39:57	
Firefox	F5415d01	Gepackt: Swf2Swc	27.03.2013 15:40:01	
Firefox	E2738d01	Gepackt: Swf2Swc	27.03.2013 15:41:45	
Datum: Dienstag (348)	
Kaspersky Internet Security	Web-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Host Process for Windows Services	wlanapi.dll	Gepackt: PE_Patch.Stolen	26.03.2013 09:06:10	
Kaspersky Internet Security		Der Schutz wurde aktiviert	26.03.2013 09:07:00	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 09:08:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:09:10	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:09:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:09:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:09:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:09:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:09:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:10:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:10:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:11:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:11:20	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:11:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:11:27	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 09:11:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:14:43	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:14:46	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:14:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:14:51	
MPAS-D_BD_1.147.212.0.EXE	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	26.03.2013 09:16:21	
mpminisigstub.exe	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	26.03.2013 09:16:24	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 09:17:08	
Host Process for Windows Services	avp.exe	Verboten	26.03.2013 09:19:55	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	26.03.2013 09:21:47	
Kaspersky Internet Security	Update	Störung in Aufgabe	26.03.2013 09:22:00	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 09:23:00	
Kaspersky Internet Security	4fa6845e-5963e97d	Gefunden: HEUR:Exploit.Java.CVE-2012-0507.gen	26.03.2013 09:23:54	
Kaspersky Internet Security	4fa6845e-5963e97d	Nicht desinfizierte Objekte: HEUR:Exploit.Java.CVE-2012-0507.gen	26.03.2013 09:24:11	
Task Scheduler Engine	avp.exe	Verboten	26.03.2013 09:24:21	
Client Server Runtime Process	avp.exe	Verboten	26.03.2013 09:24:22	
Windows Explorer	avp.exe	Verboten	26.03.2013 09:26:04	
Kaspersky Internet Security	4fa6845e-5963e97d	Gefunden: HEUR:Exploit.Java.CVE-2012-0507.gen	26.03.2013 09:26:08	
Kaspersky Internet Security	4fa6845e-5963e97d	Nicht desinfizierte Objekte: HEUR:Exploit.Java.CVE-2012-0507.gen	26.03.2013 09:26:12	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 09:26:43	
Firefox	05F5Ad01	Gepackt: Swf2Swc	26.03.2013 09:28:24	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 09:35:20	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde gestartet	26.03.2013 09:35:55	
Firefox	1E4C8d01	Gepackt: Swf2Swc	26.03.2013 09:41:16	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	26.03.2013 09:42:47	
Firefox	9FDCEd01	Gepackt: Swf2Swc	26.03.2013 09:45:16	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	26.03.2013 09:45:25	
Firefox	FDB71d01	Gepackt: Swf2Swc	26.03.2013 09:45:49	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 09:48:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:48:58	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde abgeschlossen	26.03.2013 09:50:40	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:59:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:59:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:59:41	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:59:41	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:59:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:59:45	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:59:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 09:59:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:02:29	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 10:02:37	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:02:45	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 10:03:07	
Ask Updater	avp.exe	Verboten	26.03.2013 10:06:30	
Kaspersky Internet Security	4fa6845e-5963e97d	Gefunden: HEUR:Exploit.Java.CVE-2012-0507.gen	26.03.2013 10:07:24	
Kaspersky Internet Security	4fa6845e-5963e97d	Nicht desinfizierte Objekte: HEUR:Exploit.Java.CVE-2012-0507.gen	26.03.2013 10:07:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:10:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:12:25	
System	MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:14:11	
Windows Explorer	Shows Desktop.lnk	Bearbeitungsfehler	26.03.2013 10:14:11	
System	MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:14:11	
Windows Explorer	 Malwarebytes Anti-Malware .lnk	Bearbeitungsfehler	26.03.2013 10:14:51	
System	MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:14:51	
System	MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:15:31	
Host Process for Windows Services	infpub.dat	Bearbeitungsfehler	26.03.2013 10:15:31	
System	MLSHEXT.DLL	Bearbeitungsfehler	26.03.2013 10:15:31	
Kaspersky Internet Security		Es gibt unverarbeitete Objekte	26.03.2013 10:23:18	
Kaspersky Internet Security	Anti-Spam	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Kaspersky Internet Security	Schutz vor Netzwerkangriffen	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Kaspersky Internet Security	IM-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Kaspersky Internet Security	Mail-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Kaspersky Internet Security	Proaktiver Schutz	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Kaspersky Internet Security	Firewall	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Kaspersky Internet Security	Datei-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Kaspersky Internet Security	Aktivitätsmonitor	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Kaspersky Internet Security	Programmkontrolle	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Kaspersky Internet Security			26.03.2013 10:23:19	
Kaspersky Internet Security		Der Schutz wurde aktiviert	26.03.2013 10:23:19	
Kaspersky Internet Security			26.03.2013 10:23:19	
Kaspersky Internet Security	Web-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 10:23:19	
Microsoft Windows Search Indexer	file_cache	Verboten	26.03.2013 10:25:27	
 Malwarebytes Anti-Malware 	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	26.03.2013 10:26:37	
Unbekannt	MBAMSWISSARMY.SYS	Erlaubt: Starten eines Treibers	26.03.2013 10:26:46	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 10:27:00	
Unbekannt	MBAMSWISSARMY.SYS	Erlaubt: Starten eines Treibers	26.03.2013 10:28:12	
Firefox	E8C48d01	Gepackt: Swf2Swc	26.03.2013 10:33:38	
Unbekannt	MBAMSWISSARMY.SYS	Erlaubt: Starten eines Treibers	26.03.2013 10:34:25	
 Malwarebytes Anti-Malware 	avp.exe	Verboten	26.03.2013 10:35:18	
Host Process for Windows Services	avp.exe	Verboten	26.03.2013 10:35:55	
 Malwarebytes Anti-Malware 	IDSvix86.sys	Gepackt: PE_Patch	26.03.2013 10:37:34	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 10:39:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:39:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:40:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:40:19	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:40:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:40:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:40:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:40:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:40:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:40:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:41:06	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:41:06	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:41:07	
 Malwarebytes Anti-Malware 	ewdcsc.sys	Gepackt: PE_Patch	26.03.2013 10:43:59	
 Malwarebytes Anti-Malware 	_uninstall2580	Gepackt: UPX	26.03.2013 10:44:33	
 Malwarebytes Anti-Malware 	isrt.dll	Gepackt: PE_Patch.PECompact	26.03.2013 10:44:35	
 Malwarebytes Anti-Malware 	PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 10:44:35	
 Malwarebytes Anti-Malware 	PecBundle	Gepackt: PECompact	26.03.2013 10:44:35	
 Malwarebytes Anti-Malware 	VLC-1.1.0-WIN32.EXE	Gepackt: WiseSFXDropper	26.03.2013 10:45:05	
 Malwarebytes Anti-Malware 	Spotify088Setup.exe	Gepackt: UPX	26.03.2013 10:45:14	
 Malwarebytes Anti-Malware 	WISE0082.BIN	Gepackt: Swf2Swc	26.03.2013 10:46:01	
 Malwarebytes Anti-Malware 	WISE0083.BIN	Gepackt: Swf2Swc	26.03.2013 10:46:01	
 Malwarebytes Anti-Malware 	WISE0084.BIN	Gepackt: Swf2Swc	26.03.2013 10:46:01	
 Malwarebytes Anti-Malware 	lynx_install.exe	Gepackt: WiseSFXDropper	26.03.2013 10:46:22	
 Malwarebytes Anti-Malware 	jxpiinstall(1).exe	Gepackt: UPX	26.03.2013 10:46:31	
 Malwarebytes Anti-Malware 	jxpiinstall(2).exe	Gepackt: UPX	26.03.2013 10:46:32	
 Malwarebytes Anti-Malware 	#	Gepackt: PE_Patch.PECompact	26.03.2013 10:46:35	
 Malwarebytes Anti-Malware 	PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 10:46:35	
 Malwarebytes Anti-Malware 	PecBundle	Gepackt: PECompact	26.03.2013 10:46:35	
 Malwarebytes Anti-Malware 	ISSetup.dll	Gepackt: PE_Patch.PECompact	26.03.2013 10:47:42	
 Malwarebytes Anti-Malware 	PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 10:47:42	
 Malwarebytes Anti-Malware 	PecBundle	Gepackt: PECompact	26.03.2013 10:47:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:49:30	
Notepad	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	26.03.2013 10:49:36	
Firefox	6C032d01	Gepackt: Swf2Swc	26.03.2013 10:53:10	
Firefox	9F94Fd01	Gepackt: Swf2Swc	26.03.2013 10:53:19	
Firefox	8FD5Ad01	Gepackt: Swf2Swc	26.03.2013 10:53:19	
Firefox	D49F2d01	Gepackt: Swf2Swc	26.03.2013 10:53:25	
Firefox	B8558d01	Gepackt: Swf2Swc	26.03.2013 10:53:25	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde gestartet	26.03.2013 10:53:25	
Firefox	1B493d01	Gepackt: Swf2Swc	26.03.2013 10:53:26	
Firefox	D49F2d01	Gepackt: Swf2Swc	26.03.2013 10:53:31	
Firefox	B8558d01	Gepackt: Swf2Swc	26.03.2013 10:53:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:56:46	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:56:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:59:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:59:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 10:59:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 11:00:01	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 11:00:11	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 11:00:16	
Firefox	811E8d01	Gepackt: Swf2Swc	26.03.2013 11:02:13	
Firefox	3534Ed01	Gepackt: Swf2Swc	26.03.2013 11:03:12	
Firefox	99253d01	Gepackt: Swf2Swc	26.03.2013 11:03:28	
Firefox	627B4d01	Gepackt: Swf2Swc	26.03.2013 11:04:18	
Firefox	9563Ed01	Gepackt: Swf2Swc	26.03.2013 11:04:18	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde abgeschlossen	26.03.2013 11:07:02	
DEFOGGER.EXE	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	26.03.2013 11:10:58	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 11:16:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 11:16:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 11:16:16	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 11:16:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 11:16:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 11:16:39	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	26.03.2013 12:00:44	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	26.03.2013 12:00:50	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 12:01:37	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	26.03.2013 12:02:06	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 12:02:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:02:29	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:02:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:02:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:02:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:02:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:02:35	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:02:35	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:02:43	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 12:02:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:03:39	
Kaspersky Internet Security	Update	Störung in Aufgabe	26.03.2013 12:03:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:03:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:04:20	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:04:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:04:40	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:04:43	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 12:05:15	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 12:05:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:07:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:07:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:07:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:07:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:07:14	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 12:12:45	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:19:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:19:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:19:19	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:19:25	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 12:19:33	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 12:22:47	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 12:23:06	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	26.03.2013 12:23:35	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	26.03.2013 12:23:59	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	26.03.2013 12:26:24	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	26.03.2013 12:27:11	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	26.03.2013 15:05:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:07:02	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:07:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:07:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:07:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:08:04	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:08:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:08:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:08:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:08:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:08:15	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:08:19	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:08:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:11:02	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:11:04	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:14:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:19:47	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:19:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:19:55	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	26.03.2013 15:21:25	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	26.03.2013 15:22:36	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:25:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:25:36	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 15:26:46	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 15:33:05	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:37:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:38:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:38:47	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:38:48	
Windows Media Player	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 15:39:03	
Media Foundation Protected Pipeline EXE	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	26.03.2013 15:39:15	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 15:39:57	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 15:40:25	
Firefox	E2738d01	Gepackt: Swf2Swc	26.03.2013 15:43:50	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 15:45:21	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:46:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 15:49:59	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 15:53:42	
Firefox	BABEEd01	Gepackt: Swf2Swc	26.03.2013 16:00:02	
Firefox	D1BF2d01	Gepackt: Swf2Swc	26.03.2013 16:00:11	
Firefox	E660Fd01	Gepackt: Swf2Swc	26.03.2013 16:00:12	
Firefox	E660Fd01	Gepackt: Swf2Swc	26.03.2013 16:00:31	
Firefox	50F33d01	Gepackt: Swf2Swc	26.03.2013 16:00:32	
Firefox	B54B6d01	Gepackt: Swf2Swc	26.03.2013 16:01:32	
Firefox	9E6F7d01	Gepackt: Swf2Swc	26.03.2013 16:02:02	
Firefox	55A95d01	Gepackt: Swf2Swc	26.03.2013 16:02:07	
Firefox	6BFEEd01	Gepackt: Swf2Swc	26.03.2013 16:02:32	
Firefox	9222Ed01	Gepackt: Swf2Swc	26.03.2013 16:03:21	
Firefox	E3750d01	Gepackt: Swf2Swc	26.03.2013 16:03:36	
Firefox	61805d01	Gepackt: Swf2Swc	26.03.2013 16:04:28	
Firefox	64186d01	Gepackt: Swf2Swc	26.03.2013 16:04:30	
Firefox	E9F24d01	Gepackt: Swf2Swc	26.03.2013 16:06:02	
Firefox	D6ABAd01	Gepackt: Swf2Swc	26.03.2013 16:06:44	
Firefox	C333Bd01	Gepackt: Swf2Swc	26.03.2013 16:06:44	
Firefox	14DDEd01	Gepackt: Swf2Swc	26.03.2013 16:08:00	
Firefox	17E4Fd01	Gepackt: Swf2Swc	26.03.2013 16:08:33	
Firefox	D85E4d01	Gepackt: Swf2Swc	26.03.2013 16:08:54	
Firefox	1AB83d01	Gepackt: Swf2Swc	26.03.2013 16:09:03	
Firefox	E4283d01	Gepackt: Swf2Swc	26.03.2013 16:09:38	
Firefox	94FD2d01	Gepackt: Swf2Swc	26.03.2013 16:09:38	
Notepad	Vertrauenswürdig	Programm wurde verschoben in Gruppe Vertrauenswürdig	26.03.2013 16:11:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 16:12:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 16:12:43	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 16:14:38	
Firefox	OTL.exe	Gepackt: PE_Patch.PECompact	26.03.2013 16:21:43	
Firefox	PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 16:21:45	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 16:21:46	
Firefox	PecBundle	Gepackt: PECompact	26.03.2013 16:21:46	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 16:21:54	
Microsoft Office Outlook	Outlook.pst	Bearbeitungsfehler	26.03.2013 16:21:59	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 16:22:03	
Microsoft Windows Search Protocol Host	Outlook.pst	Bearbeitungsfehler	26.03.2013 16:23:38	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 16:25:00	
Consent UI for administrative applications	OTL5931.tmp	Gepackt: PE_Patch.PECompact	26.03.2013 16:25:20	
Consent UI for administrative applications	PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 16:25:20	
Consent UI for administrative applications	PecBundle	Gepackt: PECompact	26.03.2013 16:25:20	
OTL.exe	Schwach beschränkt	Programm wurde verschoben in Gruppe Schwach beschränkt	26.03.2013 16:25:26	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 16:25:38	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 16:26:26	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 16:26:29	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 16:27:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 16:27:47	
OTL.exe	SeDebugPrivilege	Erlaubt: Zuweisen von Debugger-Rechten	26.03.2013 16:28:57	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	26.03.2013 16:29:31	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	26.03.2013 16:29:31	
OTL.exe	Parameters	Erlaubt: Veränderung von Rechten für Objekte	26.03.2013 16:30:02	
OTL.exe	Betriebssystem	Erlaubt: Dienst für Änderung öffnen	26.03.2013 16:42:05	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 17:14:02	
Firefox	9F94Fd01	Gepackt: Swf2Swc	26.03.2013 17:14:28	
Firefox	596AEd01	Gepackt: Swf2Swc	26.03.2013 17:14:48	
Firefox	56338d01	Gepackt: Swf2Swc	26.03.2013 17:14:48	
Notepad	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 17:17:16	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 17:17:51	
Client Server Runtime Process	avp.exe	Verboten	26.03.2013 17:18:54	
Client Server Runtime Process	avp.exe	Verboten	26.03.2013 17:19:23	
Kaspersky Internet Security		Der Schutz wurde aktiviert	26.03.2013 17:20:04	
Kaspersky Internet Security		Der Schutz wurde aktiviert	26.03.2013 17:20:04	
Kaspersky Internet Security		Der Schutz funktioniert nicht	26.03.2013 17:20:05	
Unbekanntes Programm	file_cache	Verboten	26.03.2013 17:26:24	
Kaspersky Internet Security		Es gibt unverarbeitete Objekte	26.03.2013 17:26:34	
Kaspersky Internet Security	Anti-Spam	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security	Programmkontrolle	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security	Firewall	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security		Der Schutz wurde aktiviert	26.03.2013 17:26:34	
Kaspersky Internet Security	IM-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security	Datei-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security	Schutz vor Netzwerkangriffen	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security		Der Schutz funktioniert nicht	26.03.2013 17:26:34	
Kaspersky Internet Security	Mail-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security		Der Schutz wurde aktiviert	26.03.2013 17:26:34	
Kaspersky Internet Security	Proaktiver Schutz	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security	Aktivitätsmonitor	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security			26.03.2013 17:26:34	
Kaspersky Internet Security			26.03.2013 17:26:34	
Kaspersky Internet Security	Web-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 17:26:34	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	26.03.2013 17:41:23	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	26.03.2013 17:43:18	
Host Process for Windows Services	OTL.exe	Gepackt: PE_Patch.PECompact	26.03.2013 17:45:44	
Host Process for Windows Services	PE_Patch.PECompact	Gepackt: PecBundle	26.03.2013 17:45:44	
Host Process for Windows Services	PecBundle	Gepackt: PECompact	26.03.2013 17:45:44	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde gestartet	26.03.2013 17:56:34	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde abgeschlossen	26.03.2013 18:10:22	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 18:57:35	
Windows Explorer	avp.exe	Verboten	26.03.2013 18:58:33	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 19:00:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 19:00:25	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 19:11:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 19:12:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 19:12:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 19:12:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	26.03.2013 19:12:20	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	26.03.2013 19:13:56	
Firefox	8FD5Ad01	Gepackt: Swf2Swc	26.03.2013 19:14:10	
Firefox	gmer_2.1.19155.exe	Gepackt: UPX	26.03.2013 19:17:10	
Kaspersky Internet Security		Der Schutz funktioniert nicht	26.03.2013 19:18:11	
Unbekanntes Programm	file_cache	Verboten	26.03.2013 09:05:04	
Kaspersky Internet Security		Es gibt unverarbeitete Objekte	26.03.2013 09:05:44	
Kaspersky Internet Security	Anti-Spam	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Kaspersky Internet Security	Programmkontrolle	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Kaspersky Internet Security	Schutz vor Netzwerkangriffen	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Kaspersky Internet Security	IM-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Kaspersky Internet Security	Mail-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Kaspersky Internet Security	Proaktiver Schutz	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Kaspersky Internet Security	Aktivitätsmonitor	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Kaspersky Internet Security			26.03.2013 09:05:45	
Kaspersky Internet Security			26.03.2013 09:05:45	
Kaspersky Internet Security	Firewall	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Kaspersky Internet Security	Datei-Anti-Virus	Aufgabe wurde gestartet	26.03.2013 09:05:45	
Datum: Montag (237)	
Unbekanntes Programm	file_cache	Verboten	25.03.2013 08:43:26	
Kaspersky Internet Security	Anti-Spam	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security	Programmkontrolle	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security	IM-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security	Mail-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security	Aktivitätsmonitor	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security	Proaktiver Schutz	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security			25.03.2013 08:43:34	
Kaspersky Internet Security			25.03.2013 08:43:34	
Kaspersky Internet Security	Web-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security	Firewall	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security	Datei-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security	Schutz vor Netzwerkangriffen	Aufgabe wurde gestartet	25.03.2013 08:43:34	
Kaspersky Internet Security		Der Schutz wurde aktiviert	25.03.2013 08:43:45	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 08:46:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:46:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:47:30	
Task Scheduler Engine	avp.exe	Verboten	25.03.2013 08:48:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:48:37	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:48:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:48:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:48:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:48:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:49:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:49:01	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:51:35	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:51:39	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 08:52:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:55:10	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:55:11	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 08:55:15	
Host Process for Windows Services	avp.exe	Verboten	25.03.2013 08:58:21	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	25.03.2013 08:58:21	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	25.03.2013 08:59:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 09:10:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 09:10:50	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 09:15:19	
Windows Explorer	igfxress.dll	Bearbeitungsfehler	25.03.2013 09:20:46	
Client Server Runtime Process	avp.exe	Verboten	25.03.2013 09:20:49	
Client Server Runtime Process	avp.exe	Verboten	25.03.2013 09:21:09	
Kaspersky Internet Security		Der Schutz wurde aktiviert	25.03.2013 09:21:43	
Kaspersky Internet Security		Der Schutz wurde aktiviert	25.03.2013 09:21:43	
Kaspersky Internet Security		Der Schutz funktioniert nicht	25.03.2013 09:21:44	
Unbekanntes Programm	file_cache	Verboten	25.03.2013 16:36:57	
Kaspersky Internet Security	Anti-Spam	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security	Programmkontrolle	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security	Schutz vor Netzwerkangriffen	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security	IM-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security	Mail-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security	Proaktiver Schutz	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security	Aktivitätsmonitor	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security			25.03.2013 16:37:06	
Kaspersky Internet Security			25.03.2013 16:37:06	
Kaspersky Internet Security	Web-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security	Firewall	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security	Datei-Anti-Virus	Aufgabe wurde gestartet	25.03.2013 16:37:06	
Kaspersky Internet Security		Der Schutz wurde aktiviert	25.03.2013 16:37:15	
Microsoft Office Outlook	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 16:38:51	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 16:39:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:29	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:32	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:35	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:44	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:40:55	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:05	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:14	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:18	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:26	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:31	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:37	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:38	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:41	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:43	
Windows Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 16:41:43	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:41:49	
Microsoft Office Word	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 16:42:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:43:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:43:49	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 16:46:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:49:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:49:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:51:21	
Host Process for Windows Services	avp.exe	Verboten	25.03.2013 16:51:50	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	25.03.2013 16:52:12	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	25.03.2013 16:54:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:55:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:55:47	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 16:55:48	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:07:04	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde gestartet	25.03.2013 17:07:06	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:09:03	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:09:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:09:55	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:09:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:10:00	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:10:28	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:10:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:10:39	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:10:41	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:14:26	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:14:37	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:14:40	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:14:41	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:14:43	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 17:15:03	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:16:40	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:17:24	
Kaspersky Internet Security	Rootkit-Suche	Aufgabe wurde abgeschlossen	25.03.2013 17:23:05	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:25:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:28:12	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:28:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:28:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:28:55	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:29:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:30:03	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:31:09	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:32:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:32:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:32:53	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:33:20	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:33:56	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:37:51	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:38:02	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:38:22	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:38:26	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:38:30	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:52:34	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:52:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:53:05	
Firefox	8FA41d01	Gepackt: Swf2Swc	25.03.2013 17:55:06	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 17:56:49	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:59:11	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 17:59:14	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	25.03.2013 18:22:31	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	25.03.2013 18:22:42	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	25.03.2013 18:22:43	
Kaspersky Internet Security	Update	Störung in Aufgabe	25.03.2013 18:22:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 18:31:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 18:38:17	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 18:40:02	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 18:40:13	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 18:40:21	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 18:40:24	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 18:41:06	
Host Process for Windows Services	$ObjId:$O:$INDEX_ALLOCATION	Bearbeitungsfehler	25.03.2013 18:44:58	
Host Process for Windows Services	$ObjId	Bearbeitungsfehler	25.03.2013 18:45:00	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	25.03.2013 18:47:40	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	25.03.2013 18:48:37	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde gestartet	25.03.2013 18:48:38	
Kaspersky Internet Security		Es gibt unverarbeitete Objekte	25.03.2013 19:10:51	
Kaspersky Internet Security	Untersuchung bei Computerleerlauf	Aufgabe wurde beendet	25.03.2013 19:19:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:20:04	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:20:10	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:20:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:21:17	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:23:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:23:35	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:23:57	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:24:02	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:24:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 19:24:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 20:14:53	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 20:15:01	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	25.03.2013 20:48:49	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	25.03.2013 20:49:33	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 21:29:54	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 21:30:01	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 21:36:59	
Internet Explorer	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 21:37:08	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 21:41:42	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 21:41:50	
Firefox	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 21:42:00	
Firefox	15691d01	Gepackt: Swf2Swc	25.03.2013 21:42:45	
Firefox	8CBC6d01	Gepackt: Swf2Swc	25.03.2013 21:42:45	
Firefox	5193Bd01	Gepackt: Swf2Swc	25.03.2013 21:43:07	
Firefox	FCFE6d01	Gepackt: Swf2Swc	25.03.2013 21:43:07	
Firefox	0B81Fd01	Gepackt: Swf2Swc	25.03.2013 21:44:19	
Firefox	E2738d01	Gepackt: Swf2Swc	25.03.2013 21:45:27	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 21:48:00	
Firefox	2B84Ed01	Gepackt: Swf2Swc	25.03.2013 21:48:57	
Firefox	05692d01	Gepackt: Swf2Swc	25.03.2013 21:48:57	
Firefox	65A35d01	Gepackt: Swf2Swc	25.03.2013 21:49:29	
Firefox	2F710d01	Gepackt: Swf2Swc	25.03.2013 21:49:49	
Firefox	43B02d01	Gepackt: Swf2Swc	25.03.2013 21:50:27	
Firefox	43B02d01	Gepackt: Swf2Swc	25.03.2013 21:50:43	
Firefox	3708Bd01	Gepackt: Swf2Swc	25.03.2013 21:50:50	
Firefox	ECBBEd01	Gepackt: Swf2Swc	25.03.2013 21:50:51	
Firefox	E3750d01	Gepackt: Swf2Swc	25.03.2013 21:50:51	
Firefox	E660Fd01	Gepackt: Swf2Swc	25.03.2013 21:51:49	
Firefox	05CBCd01	Gepackt: Swf2Swc	25.03.2013 21:53:10	
Firefox	EDDF3d01	Gepackt: Swf2Swc	25.03.2013 21:57:57	
Firefox	ED33Bd01	Gepackt: Swf2Swc	25.03.2013 21:58:11	
Firefox	ED33Bd01	Gepackt: Swf2Swc	25.03.2013 21:58:27	
Firefox	BEE82d01	Gepackt: Swf2Swc	25.03.2013 22:00:48	
Firefox	E2A32d01	Gepackt: Swf2Swc	25.03.2013 22:01:58	
Firefox	22508d01	Gepackt: Swf2Swc	25.03.2013 22:02:13	
Firefox	6EBDBd01	Gepackt: Swf2Swc	25.03.2013 22:02:52	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 22:03:46	
Kaspersky Internet Security	Update	Aufgabe wurde gestartet	25.03.2013 22:49:52	
Kaspersky Internet Security	Update	Aufgabe wurde abgeschlossen	25.03.2013 22:50:50	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 22:55:23	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 22:55:51	
Microsoft Office Excel	dwmapi.dll	Erlaubt: Installation von Hooks	25.03.2013 22:56:25	
Microsoft Office Outlook		Gepackt: Html2Rtf	25.03.2013 22:57:16	
Client Server Runtime Process	avp.exe	Verboten	25.03.2013 22:57:49	
Client Server Runtime Process	avp.exe	Verboten	25.03.2013 22:58:19	
Kaspersky Internet Security		Der Schutz wurde aktiviert	25.03.2013 22:59:08	
Kaspersky Internet Security		Der Schutz wurde aktiviert	25.03.2013 22:59:08	
Kaspersky Internet Security		Der Schutz funktioniert nicht	25.03.2013 22:59:12

cosinus · 01.04.2013, 13:36

Bevor wir uns an die weitere Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten

MBAR (Malwarebytes Anti-Rootkit)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

hrbg · 01.04.2013, 20:14

Hier die gewünschten Logs:
MBAR (Malwarebytes Anti-Rootkit)

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org

Database version: v2013.04.01.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
HBG :: HBG-MOBIL [administrator]

01.04.2013 17:35:28
mbar-log-2013-04-01 (17-35-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30014
Time elapsed: 22 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

aswMBR

Code:

ATTFilter

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-01 18:33:44
-----------------------------
18:33:44.646    OS Version: Windows 6.0.6002 Service Pack 2
18:33:44.646    Number of processors: 2 586 0xE0C
18:33:44.646    ComputerName: HBG-MOBIL  UserName: HBG
18:33:45.941    Initialize success
18:45:28.182    AVAST engine defs: 13040100
18:48:56.520    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:48:56.520    Disk 0 Vendor: Hitachi_HTS541616J9SA00 SB4OC70P Size: 152627MB BusType: 3
18:48:56.661    Disk 0 MBR read successfully
18:48:56.676    Disk 0 MBR scan
18:48:56.692    Disk 0 unknown MBR code
18:48:56.692    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0     7000 MB offset 2048
18:48:56.723    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        91576 MB offset 14338048
18:48:56.723    Disk 0 Partition - 00     05     Extended             54050 MB offset 201885696
18:48:56.754    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        54047 MB offset 201887744
18:48:56.770    Disk 0 scanning sectors +312581808
18:48:57.051    Disk 0 scanning C:\Windows\system32\drivers
18:49:12.635    Service scanning
18:49:31.137    Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
18:49:31.215    Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5
18:49:31.573    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
18:49:31.698    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
18:49:58.499    Modules scanning
18:50:32.211    Disk 0 trace - called modules:
18:50:32.242    ntkrnlpa.exe fltsrv.sys hal.dll tdrpman.sys CLASSPNP.SYS disk.sys vsflt67.sys acpi.sys ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 
18:50:32.257    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5a8278]
18:50:32.257    3 CLASSPNP.SYS[8d3538b3] -> nt!IofCallDriver -> [0x8a5a8ee8]
18:50:32.273    5 vsflt67.sys[877194bb] -> nt!IofCallDriver -> [0x899e8c48]
18:50:32.273    7 acpi.sys[876976bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x899cf7d8]
18:50:32.913    AVAST engine scan C:\Windows
18:50:40.057    AVAST engine scan C:\Windows\system32
18:55:01.357    AVAST engine scan C:\Windows\system32\drivers
18:55:21.481    AVAST engine scan C:\Users\HBG
19:26:38.099    AVAST engine scan C:\ProgramData
19:45:49.863    Scan finished successfully
19:55:37.078    Disk 0 MBR has been saved successfully to "C:\Users\HBG\Downloads\MBR.dat"
19:55:37.093    The log file has been saved successfully to "C:\Users\HBG\Downloads\aswMBR.txt"

TDSS-Killer

Code:

ATTFilter

21:02:17.0132 5024  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:02:17.0475 5024  ============================================================
21:02:17.0475 5024  Current date / time: 2013/04/01 21:02:17.0475
21:02:17.0475 5024  SystemInfo:
21:02:17.0475 5024  
21:02:17.0475 5024  OS Version: 6.0.6002 ServicePack: 2.0
21:02:17.0475 5024  Product type: Workstation
21:02:17.0475 5024  ComputerName: HBG-MOBIL
21:02:17.0475 5024  UserName: HBG
21:02:17.0475 5024  Windows directory: C:\Windows
21:02:17.0475 5024  System windows directory: C:\Windows
21:02:17.0475 5024  Processor architecture: Intel x86
21:02:17.0475 5024  Number of processors: 2
21:02:17.0475 5024  Page size: 0x1000
21:02:17.0475 5024  Boot type: Normal boot
21:02:17.0475 5024  ============================================================
21:02:19.0550 5024  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x93E52, SectorsPerTrack: 0x4, TracksPerCylinder: 0x81, Type 'K0', Flags 0x00000050
21:02:19.0550 5024  ============================================================
21:02:19.0550 5024  \Device\Harddisk0\DR0:
21:02:19.0550 5024  MBR partitions:
21:02:19.0550 5024  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xDAC800, BlocksNum 0xB2DC000
21:02:19.0565 5024  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC089000, BlocksNum 0x698F800
21:02:19.0565 5024  ============================================================
21:02:19.0612 5024  C: <-> \Device\Harddisk0\DR0\Partition1
21:02:19.0643 5024  D: <-> \Device\Harddisk0\DR0\Partition2
21:02:19.0643 5024  ============================================================
21:02:19.0643 5024  Initialize success
21:02:19.0643 5024  ============================================================
21:02:46.0725 4900  ============================================================
21:02:46.0725 4900  Scan started
21:02:46.0725 4900  Mode: Manual; SigCheck; TDLFS; 
21:02:46.0725 4900  ============================================================
21:02:47.0723 4900  ================ Scan system memory ========================
21:02:47.0723 4900  System memory - ok
21:02:47.0723 4900  ================ Scan services =============================
21:02:47.0895 4900  [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
21:02:48.0160 4900  AAV UpdateService - ok
21:02:48.0301 4900  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
21:02:48.0332 4900  ACPI - ok
21:02:48.0441 4900  [ D13C68CD5776C900A73C609422191BAF ] AcrSch2Svc      C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
21:02:48.0488 4900  AcrSch2Svc - ok
21:02:48.0597 4900  [ 4451CC2275B04043EC2BCC757AF97291 ] AdobeActiveFileMonitor8.0 C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
21:02:48.0628 4900  AdobeActiveFileMonitor8.0 - ok
21:02:48.0722 4900  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:02:48.0753 4900  AdobeARMservice - ok
21:02:48.0831 4900  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:02:48.0862 4900  AdobeFlashPlayerUpdateSvc - ok
21:02:48.0925 4900  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:02:48.0971 4900  adp94xx - ok
21:02:49.0003 4900  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:02:49.0034 4900  adpahci - ok
21:02:49.0049 4900  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
21:02:49.0081 4900  adpu160m - ok
21:02:49.0112 4900  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:02:49.0143 4900  adpu320 - ok
21:02:49.0205 4900  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:02:50.0048 4900  AeLookupSvc - ok
21:02:50.0110 4900  [ 158ED54CE49CF828C1E46A811FFF8804 ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
21:02:50.0204 4900  afcdp - ok
21:02:50.0375 4900  [ 50BD54F16710AE4AEF88D57E63ECFEF8 ] afcdpsrv        C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
21:02:50.0687 4900  afcdpsrv - ok
21:02:50.0750 4900  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
21:02:50.0843 4900  AFD - ok
21:02:50.0906 4900  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:02:50.0937 4900  agp440 - ok
21:02:50.0984 4900  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:02:51.0031 4900  aic78xx - ok
21:02:51.0171 4900  [ 7067AC22EB74C2E3D4C950050CBB1AC0 ] ALDITALKVerbindungsassistent_Service C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe
21:02:51.0218 4900  ALDITALKVerbindungsassistent_Service - ok
21:02:51.0280 4900  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
21:02:51.0483 4900  ALG - ok
21:02:51.0514 4900  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:02:51.0530 4900  aliide - ok
21:02:51.0577 4900  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:02:51.0592 4900  amdagp - ok
21:02:51.0608 4900  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
21:02:51.0623 4900  amdide - ok
21:02:51.0670 4900  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
21:02:51.0889 4900  AmdK7 - ok
21:02:51.0920 4900  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:02:51.0998 4900  AmdK8 - ok
21:02:52.0060 4900  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
21:02:52.0138 4900  Appinfo - ok
21:02:52.0169 4900  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
21:02:52.0201 4900  arc - ok
21:02:52.0232 4900  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:02:52.0263 4900  arcsas - ok
21:02:52.0341 4900  [ 66597AD6098352D11239C0C42100B176 ] ASLDRService    C:\Program Files\ATK Hotkey\ASLDRSrv.exe
21:02:52.0372 4900  ASLDRService ( UnsignedFile.Multi.Generic ) - warning
21:02:52.0372 4900  ASLDRService - detected UnsignedFile.Multi.Generic (1)
21:02:52.0466 4900  [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:02:52.0497 4900  aspnet_state - ok
21:02:52.0544 4900  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:02:52.0653 4900  AsyncMac - ok
21:02:52.0700 4900  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:02:52.0731 4900  atapi - ok
21:02:52.0809 4900  [ 2846F5EE802889D500FCF5CC48B28381 ] athr            C:\Windows\system32\DRIVERS\athr.sys
21:02:52.0949 4900  athr - ok
21:02:53.0027 4900  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:02:53.0121 4900  AudioEndpointBuilder - ok
21:02:53.0137 4900  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:02:53.0183 4900  Audiosrv - ok
21:02:53.0277 4900  [ 6C9D5BADC8F83D410A278717C2EEA6F6 ] AVP             C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
21:02:53.0293 4900  AVP - ok
21:02:53.0355 4900  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:02:53.0417 4900  Beep - ok
21:02:53.0480 4900  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
21:02:53.0527 4900  BFE - ok
21:02:53.0620 4900  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
21:02:53.0683 4900  BITS - ok
21:02:53.0683 4900  blbdrive - ok
21:02:53.0761 4900  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:02:53.0807 4900  bowser - ok
21:02:53.0870 4900  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
21:02:53.0885 4900  BrFiltLo - ok
21:02:53.0948 4900  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
21:02:53.0995 4900  BrFiltUp - ok
21:02:54.0026 4900  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
21:02:54.0073 4900  Browser - ok
21:02:54.0119 4900  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
21:02:54.0197 4900  Brserid - ok
21:02:54.0229 4900  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
21:02:54.0322 4900  BrSerWdm - ok
21:02:54.0338 4900  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
21:02:54.0431 4900  BrUsbMdm - ok
21:02:54.0447 4900  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
21:02:54.0541 4900  BrUsbSer - ok
21:02:54.0572 4900  [ A820438255F37AB8BAA2BD59753A8D81 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
21:02:54.0650 4900  BthEnum - ok
21:02:54.0697 4900  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:02:54.0775 4900  BTHMODEM - ok
21:02:54.0806 4900  [ B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:02:54.0899 4900  BthPan - ok
21:02:54.0931 4900  [ 4A74BBB2B6761789F42A6613479BDB1D ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
21:02:55.0009 4900  BTHPORT - ok
21:02:55.0040 4900  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
21:02:55.0102 4900  BthServ - ok
21:02:55.0133 4900  [ 1A407F9B707A06F55AA150F9AA072B09 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
21:02:55.0227 4900  BTHUSB - ok
21:02:55.0258 4900  ccEvtMgr - ok
21:02:55.0258 4900  ccSetMgr - ok
21:02:55.0305 4900  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:02:55.0367 4900  cdfs - ok
21:02:55.0399 4900  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:02:55.0445 4900  cdrom - ok
21:02:55.0508 4900  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:02:55.0539 4900  CertPropSvc - ok
21:02:55.0570 4900  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:02:55.0633 4900  circlass - ok
21:02:55.0664 4900  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
21:02:55.0695 4900  CLFS - ok
21:02:55.0726 4900  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:02:55.0773 4900  clr_optimization_v2.0.50727_32 - ok
21:02:55.0882 4900  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:02:55.0913 4900  clr_optimization_v4.0.30319_32 - ok
21:02:55.0945 4900  CLTNetCnService - ok
21:02:55.0976 4900  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:02:56.0038 4900  CmBatt - ok
21:02:56.0069 4900  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:02:56.0085 4900  cmdide - ok
21:02:56.0116 4900  comHost - ok
21:02:56.0147 4900  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:02:56.0163 4900  Compbatt - ok
21:02:56.0163 4900  COMSysApp - ok
21:02:56.0179 4900  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:02:56.0210 4900  crcdisk - ok
21:02:56.0225 4900  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
21:02:56.0319 4900  Crusoe - ok
21:02:56.0366 4900  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:02:56.0413 4900  CryptSvc - ok
21:02:56.0459 4900  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:02:56.0537 4900  DcomLaunch - ok
21:02:56.0569 4900  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:02:56.0615 4900  DfsC - ok
21:02:56.0756 4900  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
21:02:57.0224 4900  DFSR - ok
21:02:57.0302 4900  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
21:02:57.0395 4900  Dhcp - ok
21:02:57.0442 4900  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
21:02:57.0489 4900  disk - ok
21:02:57.0551 4900  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:02:57.0614 4900  Dnscache - ok
21:02:57.0661 4900  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:02:57.0739 4900  dot3svc - ok
21:02:57.0801 4900  [ 4F59C172C094E1A1D46463A8DC061CBD ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:02:57.0895 4900  dot4 - ok
21:02:57.0926 4900  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:02:58.0035 4900  Dot4Print - ok
21:02:58.0066 4900  [ C55004CA6B419B6695970DFE849B122F ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:02:58.0113 4900  dot4usb - ok
21:02:58.0160 4900  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
21:02:58.0207 4900  DPS - ok
21:02:58.0253 4900  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:02:58.0285 4900  drmkaud - ok
21:02:58.0331 4900  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:02:58.0363 4900  DXGKrnl - ok
21:02:58.0409 4900  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
21:02:58.0487 4900  E1G60 - ok
21:02:58.0550 4900  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
21:02:58.0597 4900  EapHost - ok
21:02:58.0659 4900  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
21:02:58.0690 4900  Ecache - ok
21:02:58.0768 4900  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:02:58.0784 4900  ehRecvr - ok
21:02:58.0815 4900  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
21:02:58.0909 4900  ehSched - ok
21:02:58.0924 4900  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
21:02:58.0955 4900  ehstart - ok
21:02:59.0033 4900  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:02:59.0065 4900  elxstor - ok
21:02:59.0111 4900  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
21:02:59.0205 4900  EMDMgmt - ok
21:02:59.0252 4900  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
21:02:59.0314 4900  EventSystem - ok
21:02:59.0377 4900  [ E1556AF3FB0284C32896B9AC8494D9C2 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
21:02:59.0423 4900  ewusbnet - ok
21:02:59.0486 4900  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
21:02:59.0548 4900  exfat - ok
21:02:59.0611 4900  Fabs - ok
21:02:59.0657 4900  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:02:59.0735 4900  fastfat - ok
21:02:59.0813 4900  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:02:59.0923 4900  fdc - ok
21:03:00.0032 4900  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:03:00.0281 4900  fdPHost - ok
21:03:00.0344 4900  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:03:00.0484 4900  FDResPub - ok
21:03:00.0547 4900  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:03:00.0562 4900  FileInfo - ok
21:03:00.0593 4900  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:03:00.0640 4900  Filetrace - ok
21:03:00.0765 4900  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
21:03:01.0030 4900  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
21:03:01.0030 4900  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
21:03:01.0093 4900  [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:03:01.0139 4900  FLEXnet Licensing Service - ok
21:03:01.0217 4900  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:03:01.0311 4900  flpydisk - ok
21:03:01.0342 4900  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:03:01.0373 4900  FltMgr - ok
21:03:01.0436 4900  [ 17119D86FB4A43A99BF5242DD3038394 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
21:03:01.0451 4900  fltsrv - ok
21:03:01.0529 4900  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
21:03:01.0576 4900  FontCache - ok
21:03:01.0654 4900  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:03:01.0670 4900  FontCache3.0.0.0 - ok
21:03:01.0701 4900  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:03:01.0748 4900  Fs_Rec - ok
21:03:01.0779 4900  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:03:01.0810 4900  gagp30kx - ok
21:03:01.0873 4900  [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio           C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
21:03:01.0888 4900  ghaio - ok
21:03:01.0935 4900  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:03:01.0997 4900  gpsvc - ok
21:03:02.0091 4900  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:03:02.0107 4900  gupdate - ok
21:03:02.0138 4900  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:03:02.0169 4900  gupdatem - ok
21:03:02.0200 4900  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:03:02.0216 4900  gusvc - ok
21:03:02.0278 4900  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:03:02.0325 4900  HdAudAddService - ok
21:03:02.0356 4900  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:03:02.0434 4900  HDAudBus - ok
21:03:02.0481 4900  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:03:02.0590 4900  HidBth - ok
21:03:02.0606 4900  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:03:02.0715 4900  HidIr - ok
21:03:02.0746 4900  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
21:03:02.0809 4900  hidserv - ok
21:03:02.0840 4900  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:03:02.0902 4900  HidUsb - ok
21:03:02.0933 4900  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:03:03.0027 4900  hkmsvc - ok
21:03:03.0058 4900  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
21:03:03.0089 4900  HpCISSs - ok
21:03:03.0136 4900  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:03:03.0199 4900  HTTP - ok
21:03:03.0277 4900  [ A89423D0132C8AB69BA621B6CE191714 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:03:03.0308 4900  hwdatacard - ok
21:03:03.0355 4900  [ 460B1945C3E6B0419A76E1B507B90B71 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
21:03:03.0401 4900  hwusbdev - ok
21:03:03.0433 4900  hwusbfake - ok
21:03:03.0479 4900  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
21:03:03.0511 4900  i2omp - ok
21:03:03.0573 4900  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:03:03.0635 4900  i8042prt - ok
21:03:03.0776 4900  [ 9378D57E2B96C0A185D844770AD49948 ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
21:03:04.0041 4900  ialm - ok
21:03:04.0088 4900  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
21:03:04.0150 4900  iaStorV - ok
21:03:04.0244 4900  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:03:04.0337 4900  idsvc - ok
21:03:04.0447 4900  [ 78432A57D085328CF8BAF125985425D2 ] IDSvix86        C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys
21:03:04.0509 4900  IDSvix86 - ok
21:03:04.0634 4900  [ 9378D57E2B96C0A185D844770AD49948 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
21:03:04.0759 4900  igfx - ok
21:03:04.0805 4900  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:03:04.0837 4900  iirsp - ok
21:03:04.0930 4900  [ 755519F49906B73C1FE9CBBF75E347EA ] IJPLMSVC        C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
21:03:04.0961 4900  IJPLMSVC - ok
21:03:05.0039 4900  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:03:05.0133 4900  IKEEXT - ok
21:03:05.0164 4900  [ AEA4C9BB21C12E8BE4078D836DD98F86 ] InCDfs          C:\Windows\system32\drivers\InCDFs.sys
21:03:05.0195 4900  InCDfs - ok
21:03:05.0258 4900  [ 507CA5B34CCEE17FE5AF5B14A718775B ] InCDPass        C:\Windows\system32\drivers\InCDPass.sys
21:03:05.0367 4900  InCDPass - ok
21:03:05.0398 4900  [ 2E977F77A1D479CF12950FC1ED70B415 ] InCDrec         C:\Windows\system32\drivers\InCDrec.sys
21:03:05.0461 4900  InCDrec - ok
21:03:05.0492 4900  [ 3B98D9EB9E63F5AFFB532F977C09162F ] incdrm          C:\Windows\system32\drivers\InCDRm.sys
21:03:05.0523 4900  incdrm - ok
21:03:05.0617 4900  [ 219CD67AC3547B0B29B7CDA0513E50BA ] InCDsrv         C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
21:03:05.0710 4900  InCDsrv - ok
21:03:05.0757 4900  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:03:05.0773 4900  intelide - ok
21:03:05.0819 4900  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:03:05.0866 4900  intelppm - ok
21:03:05.0897 4900  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:03:05.0960 4900  IPBusEnum - ok
21:03:05.0991 4900  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:03:06.0038 4900  IpFilterDriver - ok
21:03:06.0069 4900  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:03:06.0163 4900  iphlpsvc - ok
21:03:06.0163 4900  IpInIp - ok
21:03:06.0194 4900  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
21:03:06.0272 4900  IPMIDRV - ok
21:03:06.0303 4900  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
21:03:06.0334 4900  IPNAT - ok
21:03:06.0350 4900  ipswuio - ok
21:03:06.0381 4900  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:03:06.0412 4900  IRENUM - ok
21:03:06.0443 4900  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:03:06.0459 4900  isapnp - ok
21:03:06.0521 4900  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
21:03:06.0537 4900  iScsiPrt - ok
21:03:06.0568 4900  ISPwdSvc - ok
21:03:06.0584 4900  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
21:03:06.0599 4900  iteatapi - ok
21:03:06.0646 4900  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
21:03:06.0662 4900  iteraid - ok
21:03:06.0693 4900  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:03:06.0709 4900  kbdclass - ok
21:03:06.0755 4900  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:03:06.0787 4900  kbdhid - ok
21:03:06.0818 4900  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
21:03:06.0865 4900  KeyIso - ok
21:03:06.0943 4900  [ 186B54479D98E48AEE0E9ADA4B3C4D31 ] KL1             C:\Windows\system32\DRIVERS\kl1.sys
21:03:06.0958 4900  KL1 - ok
21:03:06.0974 4900  [ BF485BFBA13C0AB116701FD9C55324D0 ] kl2             C:\Windows\system32\DRIVERS\kl2.sys
21:03:06.0989 4900  kl2 - ok
21:03:07.0067 4900  [ AF04D0CE7939324E9A605B159295706C ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
21:03:07.0114 4900  KLIF - ok
21:03:07.0161 4900  [ 6295A19003F935ECC6CCBE9E2376427B ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
21:03:07.0192 4900  KLIM6 - ok
21:03:07.0239 4900  [ 3DE1771C135328420315E21DDE229BBA ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
21:03:07.0255 4900  klmouflt - ok
21:03:07.0301 4900  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:03:07.0348 4900  KSecDD - ok
21:03:07.0411 4900  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:03:07.0504 4900  KtmRm - ok
21:03:07.0551 4900  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:03:07.0598 4900  LanmanServer - ok
21:03:07.0660 4900  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:03:07.0707 4900  LanmanWorkstation - ok
21:03:07.0769 4900  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
21:03:07.0785 4900  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
21:03:07.0785 4900  LightScribeService - detected UnsignedFile.Multi.Generic (1)
21:03:07.0816 4900  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:03:07.0910 4900  lltdio - ok
21:03:07.0957 4900  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:03:08.0066 4900  lltdsvc - ok
21:03:08.0128 4900  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:03:08.0237 4900  lmhosts - ok
21:03:08.0331 4900  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:03:08.0347 4900  LSI_FC - ok
21:03:08.0362 4900  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:03:08.0378 4900  LSI_SAS - ok
21:03:08.0440 4900  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:03:08.0456 4900  LSI_SCSI - ok
21:03:08.0487 4900  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
21:03:08.0534 4900  luafv - ok
21:03:08.0565 4900  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:03:08.0596 4900  Mcx2Svc - ok
21:03:08.0643 4900  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
21:03:08.0659 4900  megasas - ok
21:03:08.0690 4900  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
21:03:08.0737 4900  MMCSS - ok
21:03:08.0768 4900  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
21:03:08.0815 4900  Modem - ok
21:03:08.0861 4900  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:03:08.0908 4900  monitor - ok
21:03:08.0939 4900  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:03:08.0971 4900  mouclass - ok
21:03:08.0986 4900  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:03:09.0049 4900  mouhid - ok
21:03:09.0080 4900  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
21:03:09.0095 4900  MountMgr - ok
21:03:09.0158 4900  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:03:09.0189 4900  MozillaMaintenance - ok
21:03:09.0236 4900  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:03:09.0267 4900  mpio - ok
21:03:09.0298 4900  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:03:09.0345 4900  mpsdrv - ok
21:03:09.0392 4900  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:03:09.0454 4900  MpsSvc - ok
21:03:09.0485 4900  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
21:03:09.0517 4900  Mraid35x - ok
21:03:09.0548 4900  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:03:09.0579 4900  MRxDAV - ok
21:03:09.0626 4900  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:03:09.0704 4900  mrxsmb - ok
21:03:09.0751 4900  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:03:09.0782 4900  mrxsmb10 - ok
21:03:09.0813 4900  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:03:09.0860 4900  mrxsmb20 - ok
21:03:09.0907 4900  [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:03:09.0922 4900  msahci - ok
21:03:09.0953 4900  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:03:09.0985 4900  msdsm - ok
21:03:10.0016 4900  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
21:03:10.0078 4900  MSDTC - ok
21:03:10.0109 4900  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:03:10.0156 4900  Msfs - ok
21:03:10.0203 4900  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:03:10.0219 4900  msisadrv - ok
21:03:10.0265 4900  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:03:10.0312 4900  MSiSCSI - ok
21:03:10.0312 4900  msiserver - ok
21:03:10.0343 4900  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:03:10.0406 4900  MSKSSRV - ok
21:03:10.0453 4900  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:03:10.0546 4900  MSPCLOCK - ok
21:03:10.0577 4900  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:03:10.0640 4900  MSPQM - ok
21:03:10.0687 4900  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:03:10.0702 4900  MsRPC - ok
21:03:10.0733 4900  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:03:10.0749 4900  mssmbios - ok
21:03:10.0765 4900  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:03:10.0811 4900  MSTEE - ok
21:03:10.0858 4900  [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor        C:\Windows\system32\DRIVERS\ATKACPI.sys
21:03:10.0905 4900  MTsensor - ok
21:03:10.0936 4900  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
21:03:10.0967 4900  Mup - ok
21:03:10.0999 4900  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
21:03:11.0045 4900  napagent - ok
21:03:11.0108 4900  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:03:11.0186 4900  NativeWifiP - ok
21:03:11.0264 4900  [ EF04748A7A7266EDBDBE02B161A0685D ] NAVENG          C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVENG.SYS
21:03:11.0279 4900  NAVENG - ok
21:03:11.0326 4900  [ 09F3BFDC47718459B42D696CB671F65F ] NAVEX15         C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVEX15.SYS
21:03:11.0404 4900  NAVEX15 - ok
21:03:11.0482 4900  [ 8F3357621D24ED31D98F96E18147FDAF ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
21:03:11.0545 4900  NBService - ok
21:03:11.0623 4900  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:03:11.0685 4900  NDIS - ok
21:03:11.0732 4900  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:03:11.0794 4900  NdisTapi - ok
21:03:11.0825 4900  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:03:11.0903 4900  Ndisuio - ok
21:03:11.0935 4900  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:03:11.0997 4900  NdisWan - ok
21:03:12.0028 4900  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:03:12.0059 4900  NDProxy - ok
21:03:12.0091 4900  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:03:12.0137 4900  NetBIOS - ok
21:03:12.0184 4900  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
21:03:12.0215 4900  netbt - ok
21:03:12.0231 4900  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
21:03:12.0247 4900  Netlogon - ok
21:03:12.0293 4900  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
21:03:12.0340 4900  Netman - ok
21:03:12.0371 4900  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
21:03:12.0434 4900  netprofm - ok
21:03:12.0465 4900  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:03:12.0481 4900  NetTcpPortSharing - ok
21:03:12.0574 4900  [ A15F219208843A5A210C8CB391384453 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
21:03:12.0761 4900  NETw3v32 - ok
21:03:12.0777 4900  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:03:12.0793 4900  nfrd960 - ok
21:03:12.0839 4900  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:03:12.0886 4900  NlaSvc - ok
21:03:12.0964 4900  [ FFD209EA219A2599F2F551B80AE6B0BF ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
21:03:12.0995 4900  NMIndexingService - ok
21:03:13.0027 4900  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:03:13.0073 4900  Npfs - ok
21:03:13.0089 4900  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
21:03:13.0151 4900  nsi - ok
21:03:13.0198 4900  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:03:13.0245 4900  nsiproxy - ok
21:03:13.0323 4900  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:03:13.0385 4900  Ntfs - ok
21:03:13.0432 4900  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
21:03:13.0526 4900  ntrigdigi - ok
21:03:13.0573 4900  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
21:03:13.0635 4900  Null - ok
21:03:13.0807 4900  [ CFDDEDC1151839DD71F78472645214A5 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:03:14.0165 4900  nvlddmkm - ok
21:03:14.0212 4900  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:03:14.0243 4900  nvraid - ok
21:03:14.0259 4900  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:03:14.0290 4900  nvstor - ok
21:03:14.0321 4900  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:03:14.0353 4900  nv_agp - ok
21:03:14.0368 4900  NwlnkFlt - ok
21:03:14.0384 4900  NwlnkFwd - ok
21:03:14.0477 4900  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:03:14.0524 4900  odserv - ok
21:03:14.0571 4900  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
21:03:14.0665 4900  ohci1394 - ok
21:03:14.0727 4900  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:03:14.0758 4900  ose - ok
21:03:14.0789 4900  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
21:03:14.0852 4900  p2pimsvc - ok
21:03:14.0867 4900  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:03:14.0899 4900  p2psvc - ok
21:03:14.0930 4900  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
21:03:14.0992 4900  Parport - ok
21:03:15.0023 4900  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:03:15.0055 4900  partmgr - ok
21:03:15.0055 4900  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
21:03:15.0133 4900  Parvdm - ok
21:03:15.0179 4900  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:03:15.0211 4900  PcaSvc - ok
21:03:15.0257 4900  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
21:03:15.0273 4900  pci - ok
21:03:15.0304 4900  [ 3B1901E401473E03EB8C874271E50C26 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:03:15.0320 4900  pciide - ok
21:03:15.0382 4900  [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:03:15.0413 4900  pcmcia - ok
21:03:15.0445 4900  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:03:15.0554 4900  PEAUTH - ok
21:03:15.0913 4900  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
21:03:16.0131 4900  pla - ok
21:03:16.0193 4900  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:03:16.0256 4900  PlugPlay - ok
21:03:16.0318 4900  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
21:03:16.0396 4900  PNRPAutoReg - ok
21:03:16.0427 4900  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
21:03:16.0459 4900  PNRPsvc - ok
21:03:16.0505 4900  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:03:16.0552 4900  PolicyAgent - ok
21:03:16.0583 4900  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:03:16.0630 4900  PptpMiniport - ok
21:03:16.0646 4900  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
21:03:16.0724 4900  Processor - ok
21:03:16.0755 4900  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:03:16.0786 4900  ProfSvc - ok
21:03:16.0802 4900  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:03:16.0817 4900  ProtectedStorage - ok
21:03:16.0849 4900  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
21:03:16.0895 4900  PSched - ok
21:03:16.0973 4900  [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
21:03:16.0989 4900  PxHelp20 - ok
21:03:17.0067 4900  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:03:17.0114 4900  ql2300 - ok
21:03:17.0129 4900  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:03:17.0145 4900  ql40xx - ok
21:03:17.0207 4900  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
21:03:17.0239 4900  QWAVE - ok
21:03:17.0285 4900  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:03:17.0332 4900  QWAVEdrv - ok
21:03:17.0363 4900  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:03:17.0395 4900  RasAcd - ok
21:03:17.0441 4900  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
21:03:17.0504 4900  RasAuto - ok
21:03:17.0535 4900  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:03:17.0566 4900  Rasl2tp - ok
21:03:17.0629 4900  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
21:03:17.0691 4900  RasMan - ok
21:03:17.0722 4900  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:03:17.0769 4900  RasPppoe - ok
21:03:17.0800 4900  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:03:17.0816 4900  RasSstp - ok
21:03:17.0847 4900  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:03:17.0878 4900  rdbss - ok
21:03:17.0909 4900  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:03:17.0956 4900  RDPCDD - ok
21:03:18.0019 4900  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
21:03:18.0097 4900  rdpdr - ok
21:03:18.0112 4900  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:03:18.0143 4900  RDPENCDD - ok
21:03:18.0175 4900  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:03:18.0206 4900  RDPWD - ok
21:03:18.0268 4900  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:03:18.0315 4900  RemoteAccess - ok
21:03:18.0346 4900  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:03:18.0393 4900  RemoteRegistry - ok
21:03:18.0424 4900  [ 7EC90C316177BA3F1BCE92005264B447 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:03:18.0502 4900  RFCOMM - ok
21:03:18.0533 4900  [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
21:03:18.0580 4900  rimsptsk - ok
21:03:18.0627 4900  [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
21:03:18.0689 4900  ROOTMODEM - ok
21:03:18.0705 4900  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
21:03:18.0736 4900  RpcLocator - ok
21:03:18.0767 4900  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
21:03:18.0830 4900  RpcSs - ok
21:03:18.0877 4900  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:03:18.0939 4900  rspndr - ok
21:03:19.0033 4900  [ 13E14D517E0F90A216346D5F7F2783E8 ] rt2870          C:\Windows\system32\DRIVERS\rt2870.sys
21:03:19.0142 4900  rt2870 - ok
21:03:19.0189 4900  [ 8DE22FB05E4A0F797B1E442EB4B3B51C ] RTL8023xp       C:\Windows\system32\DRIVERS\Rtnicxp.sys
21:03:19.0267 4900  RTL8023xp - ok
21:03:19.0298 4900  [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
21:03:19.0407 4900  RTL8169 - ok
21:03:19.0501 4900  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
21:03:19.0532 4900  SamSs - ok
21:03:19.0547 4900  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:03:19.0579 4900  sbp2port - ok
21:03:19.0703 4900  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
21:03:19.0813 4900  SBSDWSCService - ok
21:03:19.0859 4900  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:03:19.0922 4900  SCardSvr - ok
21:03:19.0969 4900  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
21:03:20.0047 4900  Schedule - ok
21:03:20.0109 4900  [ 87E1F99C82208238F40BB1079D1CE4AC ] SCPDFReadSpool  C:\Windows\Installer\MSIB24E.tmp
21:03:20.0156 4900  SCPDFReadSpool - ok
21:03:20.0187 4900  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:03:20.0234 4900  SCPolicySvc - ok
21:03:20.0265 4900  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
21:03:20.0312 4900  sdbus - ok
21:03:20.0359 4900  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:03:20.0421 4900  SDRSVC - ok
21:03:20.0452 4900  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:03:20.0577 4900  secdrv - ok
21:03:20.0608 4900  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
21:03:20.0655 4900  seclogon - ok
21:03:20.0671 4900  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
21:03:20.0717 4900  SENS - ok
21:03:20.0733 4900  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:03:20.0795 4900  Serenum - ok
21:03:20.0811 4900  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
21:03:20.0889 4900  Serial - ok
21:03:20.0905 4900  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:03:20.0951 4900  sermouse - ok
21:03:20.0998 4900  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:03:21.0029 4900  SessionEnv - ok
21:03:21.0061 4900  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
21:03:21.0092 4900  sffdisk - ok
21:03:21.0107 4900  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:03:21.0170 4900  sffp_mmc - ok
21:03:21.0185 4900  [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
21:03:21.0232 4900  sffp_sd - ok
21:03:21.0248 4900  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:03:21.0310 4900  sfloppy - ok
21:03:21.0341 4900  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:03:21.0404 4900  SharedAccess - ok
21:03:21.0451 4900  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:03:21.0482 4900  ShellHWDetection - ok
21:03:21.0513 4900  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:03:21.0529 4900  sisagp - ok
21:03:21.0560 4900  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
21:03:21.0575 4900  SiSRaid2 - ok
21:03:21.0591 4900  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:03:21.0622 4900  SiSRaid4 - ok
21:03:21.0747 4900  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
21:03:22.0433 4900  slsvc - ok
21:03:22.0511 4900  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
21:03:22.0574 4900  SLUINotify - ok
21:03:22.0605 4900  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:03:22.0652 4900  Smb - ok
21:03:22.0699 4900  [ 34D634366FC57524F5932EAEC40E4FCB ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
21:03:22.0777 4900  smserial - ok
21:03:22.0823 4900  [ 1BC68A9A70F92D5EFFBF0700AE2D7432 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
21:03:22.0839 4900  snapman - ok
21:03:22.0870 4900  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:03:22.0886 4900  SNMPTRAP - ok
21:03:22.0901 4900  SPBBCDrv - ok
21:03:22.0948 4900  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
21:03:22.0964 4900  spldr - ok
21:03:23.0026 4900  [ 739DB668DBD812285ECC553E64A5E212 ] spmgr           C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
21:03:23.0042 4900  spmgr - ok
21:03:23.0073 4900  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
21:03:23.0120 4900  Spooler - ok
21:03:23.0167 4900  [ 15E29EB26DD53EB6385629F4622B5519 ] SRTSP           C:\Windows\system32\Drivers\SRTSP.SYS
21:03:23.0198 4900  SRTSP - ok
21:03:23.0213 4900  [ FD0C0333FAE09DBD1170E0D607ECA5C8 ] SRTSPL          C:\Windows\system32\Drivers\SRTSPL.SYS
21:03:23.0245 4900  SRTSPL - ok
21:03:23.0260 4900  [ 7E60A4A4035BE470F47C6806DA57DB99 ] SRTSPX          C:\Windows\system32\Drivers\SRTSPX.SYS
21:03:23.0276 4900  SRTSPX - ok
21:03:23.0323 4900  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:03:23.0369 4900  srv - ok
21:03:23.0401 4900  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:03:23.0463 4900  srv2 - ok
21:03:23.0494 4900  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:03:23.0541 4900  srvnet - ok
21:03:23.0588 4900  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:03:23.0650 4900  SSDPSRV - ok
21:03:23.0728 4900  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:03:23.0775 4900  SstpSvc - ok
21:03:23.0806 4900  [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
21:03:23.0853 4900  StillCam - ok
21:03:23.0900 4900  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
21:03:23.0947 4900  stisvc - ok
21:03:23.0947 4900  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:03:23.0962 4900  swenum - ok
21:03:24.0009 4900  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
21:03:24.0056 4900  swprv - ok
21:03:24.0056 4900  SymAppCore - ok
21:03:24.0103 4900  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
21:03:24.0118 4900  Symc8xx - ok
21:03:24.0134 4900  [ 9D98270B5F10A4C84E8DA417C30756E1 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
21:03:24.0149 4900  SymEvent - ok
21:03:24.0196 4900  [ 7F4011A719BF30E3DBD84D3A0A45C91C ] SYMREDRV        C:\Windows\System32\Drivers\SYMREDRV.SYS
21:03:24.0212 4900  SYMREDRV - ok
21:03:24.0227 4900  [ 2F03CBDB0F22278D05D5D616C993AB58 ] SYMTDI          C:\Windows\System32\Drivers\SYMTDI.SYS
21:03:24.0259 4900  SYMTDI - ok
21:03:24.0274 4900  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
21:03:24.0290 4900  Sym_hi - ok
21:03:24.0305 4900  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
21:03:24.0321 4900  Sym_u3 - ok
21:03:24.0571 4900  [ 10196D1696B0B18168AD7FCDB8488F60 ] syncagentsrv    C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
21:03:24.0976 4900  syncagentsrv - ok
21:03:25.0039 4900  [ 24B43E9A3E6CACF9AFC69F48E9DEB690 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:03:25.0070 4900  SynTP - ok
21:03:25.0117 4900  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
21:03:25.0179 4900  SysMain - ok
21:03:25.0210 4900  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:03:25.0257 4900  TabletInputService - ok
21:03:25.0288 4900  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:03:25.0351 4900  TapiSrv - ok
21:03:25.0397 4900  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
21:03:25.0460 4900  TBS - ok
21:03:25.0538 4900  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:03:25.0616 4900  Tcpip - ok
21:03:25.0647 4900  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
21:03:25.0709 4900  Tcpip6 - ok
21:03:25.0741 4900  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:03:25.0819 4900  tcpipreg - ok
21:03:25.0850 4900  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:03:25.0897 4900  TDPIPE - ok
21:03:25.0943 4900  [ E04AB70501B2AD59DA3612C175AFD5D7 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
21:03:25.0990 4900  tdrpman - ok
21:03:26.0037 4900  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:03:26.0146 4900  TDTCP - ok
21:03:26.0193 4900  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:03:26.0302 4900  tdx - ok
21:03:26.0427 4900  [ 2A64C802F4C8AA00AC8472C771688E00 ] TeamViewer5     C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
21:03:26.0536 4900  TeamViewer5 - ok
21:03:26.0645 4900  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:03:26.0661 4900  TermDD - ok
21:03:26.0708 4900  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
21:03:26.0801 4900  TermService - ok
21:03:26.0833 4900  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
21:03:26.0879 4900  Themes - ok
21:03:26.0895 4900  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:03:26.0942 4900  THREADORDER - ok
21:03:27.0020 4900  [ 4E4BA74565E8300596025FDF8B271CD1 ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
21:03:27.0082 4900  timounter - ok
21:03:27.0113 4900  [ 6D9AD3534A9CF7E4B86C6EAE8BC335F6 ] TPM             C:\Windows\system32\drivers\tpm.sys
21:03:27.0145 4900  TPM - ok
21:03:27.0176 4900  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
21:03:27.0269 4900  TrkWks - ok
21:03:27.0316 4900  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:03:27.0379 4900  TrustedInstaller - ok
21:03:27.0425 4900  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:03:27.0503 4900  tssecsrv - ok
21:03:27.0535 4900  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
21:03:27.0581 4900  tunmp - ok
21:03:27.0613 4900  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:03:27.0644 4900  tunnel - ok
21:03:27.0675 4900  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:03:27.0706 4900  uagp35 - ok
21:03:27.0753 4900  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:03:27.0815 4900  udfs - ok
21:03:27.0893 4900  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:03:27.0971 4900  UI0Detect - ok
21:03:27.0987 4900  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:03:28.0018 4900  uliagpkx - ok
21:03:28.0049 4900  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
21:03:28.0081 4900  uliahci - ok
21:03:28.0112 4900  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
21:03:28.0143 4900  UlSata - ok
21:03:28.0174 4900  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
21:03:28.0205 4900  ulsata2 - ok
21:03:28.0237 4900  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:03:28.0283 4900  umbus - ok
21:03:28.0330 4900  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
21:03:28.0377 4900  upnphost - ok
21:03:28.0439 4900  [ AF9388E736AF0C325067F05EDC350010 ] usbbus          C:\Windows\system32\DRIVERS\lgusbbus.sys
21:03:28.0471 4900  usbbus - ok
21:03:28.0533 4900  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:03:28.0580 4900  usbccgp - ok
21:03:28.0595 4900  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:03:28.0673 4900  usbcir - ok
21:03:28.0705 4900  [ AE30EA96E60E823C7B525DA356283AE8 ] UsbDiag         C:\Windows\system32\DRIVERS\lgusbdiag.sys
21:03:28.0720 4900  UsbDiag - ok
21:03:28.0767 4900  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:03:28.0798 4900  usbehci - ok
21:03:28.0829 4900  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:03:28.0876 4900  usbhub - ok
21:03:28.0907 4900  [ 46AC66DF3D6EFE81F69BEA823A53AAB5 ] USBModem        C:\Windows\system32\DRIVERS\lgusbmodem.sys
21:03:28.0939 4900  USBModem - ok
21:03:28.0954 4900  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:03:29.0017 4900  usbohci - ok
21:03:29.0048 4900  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:03:29.0079 4900  usbprint - ok
21:03:29.0095 4900  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:03:29.0141 4900  USBSTOR - ok
21:03:29.0157 4900  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:03:29.0188 4900  usbuhci - ok
21:03:29.0219 4900  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
21:03:29.0266 4900  UxSms - ok
21:03:29.0313 4900  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
21:03:29.0360 4900  vds - ok
21:03:29.0407 4900  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:03:29.0485 4900  vga - ok
21:03:29.0516 4900  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:03:29.0563 4900  VgaSave - ok
21:03:29.0578 4900  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:03:29.0594 4900  viaagp - ok
21:03:29.0609 4900  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:03:29.0703 4900  ViaC7 - ok
21:03:29.0719 4900  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
21:03:29.0750 4900  viaide - ok
21:03:29.0781 4900  [ 9D71C424898E029E316FA93AD494950E ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
21:03:29.0797 4900  vididr - ok
21:03:29.0859 4900  [ 47AB6AC7635E40F3C55C5A32CC4B86A8 ] vidsflt67       C:\Windows\system32\DRIVERS\vsflt67.sys
21:03:29.0875 4900  vidsflt67 - ok
21:03:29.0906 4900  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:03:29.0921 4900  volmgr - ok
21:03:29.0953 4900  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:03:29.0984 4900  volmgrx - ok
21:03:30.0015 4900  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:03:30.0046 4900  volsnap - ok
21:03:30.0077 4900  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:03:30.0093 4900  vsmraid - ok
21:03:30.0171 4900  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
21:03:30.0249 4900  VSS - ok
21:03:30.0311 4900  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
21:03:30.0358 4900  W32Time - ok
21:03:30.0389 4900  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:03:30.0467 4900  WacomPen - ok
21:03:30.0514 4900  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:03:30.0561 4900  Wanarp - ok
21:03:30.0577 4900  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:03:30.0608 4900  Wanarpv6 - ok
21:03:30.0639 4900  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:03:30.0686 4900  wcncsvc - ok
21:03:30.0733 4900  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:03:30.0779 4900  WcsPlugInService - ok
21:03:30.0811 4900  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
21:03:30.0826 4900  Wd - ok
21:03:30.0873 4900  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:03:30.0920 4900  Wdf01000 - ok
21:03:30.0967 4900  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:03:31.0013 4900  WdiServiceHost - ok
21:03:31.0013 4900  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:03:31.0060 4900  WdiSystemHost - ok
21:03:31.0091 4900  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
21:03:31.0123 4900  WebClient - ok
21:03:31.0169 4900  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:03:31.0201 4900  Wecsvc - ok
21:03:31.0232 4900  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:03:31.0263 4900  wercplsupport - ok
21:03:31.0294 4900  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:03:31.0325 4900  WerSvc - ok
21:03:31.0419 4900  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:03:31.0450 4900  WinDefend - ok
21:03:31.0466 4900  WinHttpAutoProxySvc - ok
21:03:31.0528 4900  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:03:31.0559 4900  Winmgmt - ok
21:03:31.0637 4900  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:03:31.0747 4900  WinRM - ok
21:03:31.0809 4900  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:03:31.0871 4900  Wlansvc - ok
21:03:31.0903 4900  [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:03:32.0012 4900  WmiAcpi - ok
21:03:32.0043 4900  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:03:32.0090 4900  wmiApSrv - ok
21:03:32.0183 4900  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:03:32.0246 4900  WMPNetworkSvc - ok
21:03:32.0308 4900  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:03:32.0355 4900  WPCSvc - ok
21:03:32.0386 4900  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:03:32.0464 4900  WPDBusEnum - ok
21:03:32.0495 4900  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
21:03:32.0542 4900  WpdUsb - ok
21:03:32.0667 4900  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:03:32.0745 4900  WPFFontCache_v0400 - ok
21:03:32.0776 4900  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:03:32.0885 4900  ws2ifsl - ok
21:03:32.0917 4900  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
21:03:32.0948 4900  wscsvc - ok
21:03:32.0948 4900  WSearch - ok
21:03:33.0041 4900  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
21:03:33.0135 4900  wuauserv - ok
21:03:33.0213 4900  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:03:33.0229 4900  WudfPf - ok
21:03:33.0275 4900  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:03:33.0307 4900  WUDFRd - ok
21:03:33.0353 4900  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:03:33.0400 4900  wudfsvc - ok
21:03:33.0416 4900  ================ Scan global ===============================
21:03:33.0447 4900  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
21:03:33.0494 4900  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:03:33.0525 4900  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:03:33.0556 4900  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
21:03:33.0572 4900  [Global] - ok
21:03:33.0572 4900  ================ Scan MBR ==================================
21:03:33.0587 4900  [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
21:03:33.0868 4900  \Device\Harddisk0\DR0 - ok
21:03:33.0868 4900  ================ Scan VBR ==================================
21:03:33.0868 4900  [ 84D1C35AEB5FFA55B51180809047A935 ] \Device\Harddisk0\DR0\Partition1
21:03:33.0868 4900  \Device\Harddisk0\DR0\Partition1 - ok
21:03:33.0899 4900  [ DF1D232204E53351A7D8D44EDF3E11A9 ] \Device\Harddisk0\DR0\Partition2
21:03:33.0899 4900  \Device\Harddisk0\DR0\Partition2 - ok
21:03:33.0899 4900  ============================================================
21:03:33.0899 4900  Scan finished
21:03:33.0899 4900  ============================================================
21:03:33.0915 1088  Detected object count: 3
21:03:33.0915 1088  Actual detected object count: 3
21:04:02.0026 1088  ASLDRService ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:02.0026 1088  ASLDRService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:04:02.0042 1088  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:02.0042 1088  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:04:02.0042 1088  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:02.0042 1088  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:04:15.0473 5212  Deinitialize success

hrbg · 01.04.2013, 20:16

Hier die gewünschten Logs:
MBAR (Malwarebytes Anti-Rootkit)

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org

Database version: v2013.04.01.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
HBG :: HBG-MOBIL [administrator]

01.04.2013 17:35:28
mbar-log-2013-04-01 (17-35-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30014
Time elapsed: 22 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

aswMBR

Code:

ATTFilter

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-01 18:33:44
-----------------------------
18:33:44.646    OS Version: Windows 6.0.6002 Service Pack 2
18:33:44.646    Number of processors: 2 586 0xE0C
18:33:44.646    ComputerName: HBG-MOBIL  UserName: HBG
18:33:45.941    Initialize success
18:45:28.182    AVAST engine defs: 13040100
18:48:56.520    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:48:56.520    Disk 0 Vendor: Hitachi_HTS541616J9SA00 SB4OC70P Size: 152627MB BusType: 3
18:48:56.661    Disk 0 MBR read successfully
18:48:56.676    Disk 0 MBR scan
18:48:56.692    Disk 0 unknown MBR code
18:48:56.692    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0     7000 MB offset 2048
18:48:56.723    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        91576 MB offset 14338048
18:48:56.723    Disk 0 Partition - 00     05     Extended             54050 MB offset 201885696
18:48:56.754    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        54047 MB offset 201887744
18:48:56.770    Disk 0 scanning sectors +312581808
18:48:57.051    Disk 0 scanning C:\Windows\system32\drivers
18:49:12.635    Service scanning
18:49:31.137    Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
18:49:31.215    Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5
18:49:31.573    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
18:49:31.698    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
18:49:58.499    Modules scanning
18:50:32.211    Disk 0 trace - called modules:
18:50:32.242    ntkrnlpa.exe fltsrv.sys hal.dll tdrpman.sys CLASSPNP.SYS disk.sys vsflt67.sys acpi.sys ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 
18:50:32.257    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5a8278]
18:50:32.257    3 CLASSPNP.SYS[8d3538b3] -> nt!IofCallDriver -> [0x8a5a8ee8]
18:50:32.273    5 vsflt67.sys[877194bb] -> nt!IofCallDriver -> [0x899e8c48]
18:50:32.273    7 acpi.sys[876976bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x899cf7d8]
18:50:32.913    AVAST engine scan C:\Windows
18:50:40.057    AVAST engine scan C:\Windows\system32
18:55:01.357    AVAST engine scan C:\Windows\system32\drivers
18:55:21.481    AVAST engine scan C:\Users\HBG
19:26:38.099    AVAST engine scan C:\ProgramData
19:45:49.863    Scan finished successfully
19:55:37.078    Disk 0 MBR has been saved successfully to "C:\Users\HBG\Downloads\MBR.dat"
19:55:37.093    The log file has been saved successfully to "C:\Users\HBG\Downloads\aswMBR.txt"

TDSS-Killer

Code:

ATTFilter

21:02:17.0132 5024  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:02:17.0475 5024  ============================================================
21:02:17.0475 5024  Current date / time: 2013/04/01 21:02:17.0475
21:02:17.0475 5024  SystemInfo:
21:02:17.0475 5024  
21:02:17.0475 5024  OS Version: 6.0.6002 ServicePack: 2.0
21:02:17.0475 5024  Product type: Workstation
21:02:17.0475 5024  ComputerName: HBG-MOBIL
21:02:17.0475 5024  UserName: HBG
21:02:17.0475 5024  Windows directory: C:\Windows
21:02:17.0475 5024  System windows directory: C:\Windows
21:02:17.0475 5024  Processor architecture: Intel x86
21:02:17.0475 5024  Number of processors: 2
21:02:17.0475 5024  Page size: 0x1000
21:02:17.0475 5024  Boot type: Normal boot
21:02:17.0475 5024  ============================================================
21:02:19.0550 5024  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x93E52, SectorsPerTrack: 0x4, TracksPerCylinder: 0x81, Type 'K0', Flags 0x00000050
21:02:19.0550 5024  ============================================================
21:02:19.0550 5024  \Device\Harddisk0\DR0:
21:02:19.0550 5024  MBR partitions:
21:02:19.0550 5024  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xDAC800, BlocksNum 0xB2DC000
21:02:19.0565 5024  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC089000, BlocksNum 0x698F800
21:02:19.0565 5024  ============================================================
21:02:19.0612 5024  C: <-> \Device\Harddisk0\DR0\Partition1
21:02:19.0643 5024  D: <-> \Device\Harddisk0\DR0\Partition2
21:02:19.0643 5024  ============================================================
21:02:19.0643 5024  Initialize success
21:02:19.0643 5024  ============================================================
21:02:46.0725 4900  ============================================================
21:02:46.0725 4900  Scan started
21:02:46.0725 4900  Mode: Manual; SigCheck; TDLFS; 
21:02:46.0725 4900  ============================================================
21:02:47.0723 4900  ================ Scan system memory ========================
21:02:47.0723 4900  System memory - ok
21:02:47.0723 4900  ================ Scan services =============================
21:02:47.0895 4900  [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
21:02:48.0160 4900  AAV UpdateService - ok
21:02:48.0301 4900  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
21:02:48.0332 4900  ACPI - ok
21:02:48.0441 4900  [ D13C68CD5776C900A73C609422191BAF ] AcrSch2Svc      C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
21:02:48.0488 4900  AcrSch2Svc - ok
21:02:48.0597 4900  [ 4451CC2275B04043EC2BCC757AF97291 ] AdobeActiveFileMonitor8.0 C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
21:02:48.0628 4900  AdobeActiveFileMonitor8.0 - ok
21:02:48.0722 4900  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:02:48.0753 4900  AdobeARMservice - ok
21:02:48.0831 4900  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:02:48.0862 4900  AdobeFlashPlayerUpdateSvc - ok
21:02:48.0925 4900  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:02:48.0971 4900  adp94xx - ok
21:02:49.0003 4900  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:02:49.0034 4900  adpahci - ok
21:02:49.0049 4900  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
21:02:49.0081 4900  adpu160m - ok
21:02:49.0112 4900  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:02:49.0143 4900  adpu320 - ok
21:02:49.0205 4900  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:02:50.0048 4900  AeLookupSvc - ok
21:02:50.0110 4900  [ 158ED54CE49CF828C1E46A811FFF8804 ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
21:02:50.0204 4900  afcdp - ok
21:02:50.0375 4900  [ 50BD54F16710AE4AEF88D57E63ECFEF8 ] afcdpsrv        C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
21:02:50.0687 4900  afcdpsrv - ok
21:02:50.0750 4900  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
21:02:50.0843 4900  AFD - ok
21:02:50.0906 4900  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:02:50.0937 4900  agp440 - ok
21:02:50.0984 4900  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:02:51.0031 4900  aic78xx - ok
21:02:51.0171 4900  [ 7067AC22EB74C2E3D4C950050CBB1AC0 ] ALDITALKVerbindungsassistent_Service C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe
21:02:51.0218 4900  ALDITALKVerbindungsassistent_Service - ok
21:02:51.0280 4900  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
21:02:51.0483 4900  ALG - ok
21:02:51.0514 4900  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:02:51.0530 4900  aliide - ok
21:02:51.0577 4900  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:02:51.0592 4900  amdagp - ok
21:02:51.0608 4900  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
21:02:51.0623 4900  amdide - ok
21:02:51.0670 4900  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
21:02:51.0889 4900  AmdK7 - ok
21:02:51.0920 4900  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:02:51.0998 4900  AmdK8 - ok
21:02:52.0060 4900  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
21:02:52.0138 4900  Appinfo - ok
21:02:52.0169 4900  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
21:02:52.0201 4900  arc - ok
21:02:52.0232 4900  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:02:52.0263 4900  arcsas - ok
21:02:52.0341 4900  [ 66597AD6098352D11239C0C42100B176 ] ASLDRService    C:\Program Files\ATK Hotkey\ASLDRSrv.exe
21:02:52.0372 4900  ASLDRService ( UnsignedFile.Multi.Generic ) - warning
21:02:52.0372 4900  ASLDRService - detected UnsignedFile.Multi.Generic (1)
21:02:52.0466 4900  [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:02:52.0497 4900  aspnet_state - ok
21:02:52.0544 4900  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:02:52.0653 4900  AsyncMac - ok
21:02:52.0700 4900  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:02:52.0731 4900  atapi - ok
21:02:52.0809 4900  [ 2846F5EE802889D500FCF5CC48B28381 ] athr            C:\Windows\system32\DRIVERS\athr.sys
21:02:52.0949 4900  athr - ok
21:02:53.0027 4900  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:02:53.0121 4900  AudioEndpointBuilder - ok
21:02:53.0137 4900  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:02:53.0183 4900  Audiosrv - ok
21:02:53.0277 4900  [ 6C9D5BADC8F83D410A278717C2EEA6F6 ] AVP             C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
21:02:53.0293 4900  AVP - ok
21:02:53.0355 4900  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:02:53.0417 4900  Beep - ok
21:02:53.0480 4900  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
21:02:53.0527 4900  BFE - ok
21:02:53.0620 4900  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
21:02:53.0683 4900  BITS - ok
21:02:53.0683 4900  blbdrive - ok
21:02:53.0761 4900  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:02:53.0807 4900  bowser - ok
21:02:53.0870 4900  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
21:02:53.0885 4900  BrFiltLo - ok
21:02:53.0948 4900  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
21:02:53.0995 4900  BrFiltUp - ok
21:02:54.0026 4900  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
21:02:54.0073 4900  Browser - ok
21:02:54.0119 4900  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
21:02:54.0197 4900  Brserid - ok
21:02:54.0229 4900  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
21:02:54.0322 4900  BrSerWdm - ok
21:02:54.0338 4900  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
21:02:54.0431 4900  BrUsbMdm - ok
21:02:54.0447 4900  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
21:02:54.0541 4900  BrUsbSer - ok
21:02:54.0572 4900  [ A820438255F37AB8BAA2BD59753A8D81 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
21:02:54.0650 4900  BthEnum - ok
21:02:54.0697 4900  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:02:54.0775 4900  BTHMODEM - ok
21:02:54.0806 4900  [ B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:02:54.0899 4900  BthPan - ok
21:02:54.0931 4900  [ 4A74BBB2B6761789F42A6613479BDB1D ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
21:02:55.0009 4900  BTHPORT - ok
21:02:55.0040 4900  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
21:02:55.0102 4900  BthServ - ok
21:02:55.0133 4900  [ 1A407F9B707A06F55AA150F9AA072B09 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
21:02:55.0227 4900  BTHUSB - ok
21:02:55.0258 4900  ccEvtMgr - ok
21:02:55.0258 4900  ccSetMgr - ok
21:02:55.0305 4900  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:02:55.0367 4900  cdfs - ok
21:02:55.0399 4900  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:02:55.0445 4900  cdrom - ok
21:02:55.0508 4900  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:02:55.0539 4900  CertPropSvc - ok
21:02:55.0570 4900  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:02:55.0633 4900  circlass - ok
21:02:55.0664 4900  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
21:02:55.0695 4900  CLFS - ok
21:02:55.0726 4900  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:02:55.0773 4900  clr_optimization_v2.0.50727_32 - ok
21:02:55.0882 4900  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:02:55.0913 4900  clr_optimization_v4.0.30319_32 - ok
21:02:55.0945 4900  CLTNetCnService - ok
21:02:55.0976 4900  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:02:56.0038 4900  CmBatt - ok
21:02:56.0069 4900  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:02:56.0085 4900  cmdide - ok
21:02:56.0116 4900  comHost - ok
21:02:56.0147 4900  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:02:56.0163 4900  Compbatt - ok
21:02:56.0163 4900  COMSysApp - ok
21:02:56.0179 4900  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:02:56.0210 4900  crcdisk - ok
21:02:56.0225 4900  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
21:02:56.0319 4900  Crusoe - ok
21:02:56.0366 4900  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:02:56.0413 4900  CryptSvc - ok
21:02:56.0459 4900  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:02:56.0537 4900  DcomLaunch - ok
21:02:56.0569 4900  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:02:56.0615 4900  DfsC - ok
21:02:56.0756 4900  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
21:02:57.0224 4900  DFSR - ok
21:02:57.0302 4900  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
21:02:57.0395 4900  Dhcp - ok
21:02:57.0442 4900  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
21:02:57.0489 4900  disk - ok
21:02:57.0551 4900  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:02:57.0614 4900  Dnscache - ok
21:02:57.0661 4900  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:02:57.0739 4900  dot3svc - ok
21:02:57.0801 4900  [ 4F59C172C094E1A1D46463A8DC061CBD ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:02:57.0895 4900  dot4 - ok
21:02:57.0926 4900  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:02:58.0035 4900  Dot4Print - ok
21:02:58.0066 4900  [ C55004CA6B419B6695970DFE849B122F ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:02:58.0113 4900  dot4usb - ok
21:02:58.0160 4900  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
21:02:58.0207 4900  DPS - ok
21:02:58.0253 4900  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:02:58.0285 4900  drmkaud - ok
21:02:58.0331 4900  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:02:58.0363 4900  DXGKrnl - ok
21:02:58.0409 4900  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
21:02:58.0487 4900  E1G60 - ok
21:02:58.0550 4900  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
21:02:58.0597 4900  EapHost - ok
21:02:58.0659 4900  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
21:02:58.0690 4900  Ecache - ok
21:02:58.0768 4900  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:02:58.0784 4900  ehRecvr - ok
21:02:58.0815 4900  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
21:02:58.0909 4900  ehSched - ok
21:02:58.0924 4900  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
21:02:58.0955 4900  ehstart - ok
21:02:59.0033 4900  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:02:59.0065 4900  elxstor - ok
21:02:59.0111 4900  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
21:02:59.0205 4900  EMDMgmt - ok
21:02:59.0252 4900  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
21:02:59.0314 4900  EventSystem - ok
21:02:59.0377 4900  [ E1556AF3FB0284C32896B9AC8494D9C2 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
21:02:59.0423 4900  ewusbnet - ok
21:02:59.0486 4900  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
21:02:59.0548 4900  exfat - ok
21:02:59.0611 4900  Fabs - ok
21:02:59.0657 4900  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:02:59.0735 4900  fastfat - ok
21:02:59.0813 4900  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:02:59.0923 4900  fdc - ok
21:03:00.0032 4900  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:03:00.0281 4900  fdPHost - ok
21:03:00.0344 4900  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:03:00.0484 4900  FDResPub - ok
21:03:00.0547 4900  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:03:00.0562 4900  FileInfo - ok
21:03:00.0593 4900  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:03:00.0640 4900  Filetrace - ok
21:03:00.0765 4900  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
21:03:01.0030 4900  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
21:03:01.0030 4900  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
21:03:01.0093 4900  [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:03:01.0139 4900  FLEXnet Licensing Service - ok
21:03:01.0217 4900  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:03:01.0311 4900  flpydisk - ok
21:03:01.0342 4900  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:03:01.0373 4900  FltMgr - ok
21:03:01.0436 4900  [ 17119D86FB4A43A99BF5242DD3038394 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
21:03:01.0451 4900  fltsrv - ok
21:03:01.0529 4900  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
21:03:01.0576 4900  FontCache - ok
21:03:01.0654 4900  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:03:01.0670 4900  FontCache3.0.0.0 - ok
21:03:01.0701 4900  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:03:01.0748 4900  Fs_Rec - ok
21:03:01.0779 4900  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:03:01.0810 4900  gagp30kx - ok
21:03:01.0873 4900  [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio           C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
21:03:01.0888 4900  ghaio - ok
21:03:01.0935 4900  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:03:01.0997 4900  gpsvc - ok
21:03:02.0091 4900  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:03:02.0107 4900  gupdate - ok
21:03:02.0138 4900  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:03:02.0169 4900  gupdatem - ok
21:03:02.0200 4900  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:03:02.0216 4900  gusvc - ok
21:03:02.0278 4900  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:03:02.0325 4900  HdAudAddService - ok
21:03:02.0356 4900  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:03:02.0434 4900  HDAudBus - ok
21:03:02.0481 4900  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:03:02.0590 4900  HidBth - ok
21:03:02.0606 4900  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:03:02.0715 4900  HidIr - ok
21:03:02.0746 4900  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
21:03:02.0809 4900  hidserv - ok
21:03:02.0840 4900  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:03:02.0902 4900  HidUsb - ok
21:03:02.0933 4900  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:03:03.0027 4900  hkmsvc - ok
21:03:03.0058 4900  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
21:03:03.0089 4900  HpCISSs - ok
21:03:03.0136 4900  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:03:03.0199 4900  HTTP - ok
21:03:03.0277 4900  [ A89423D0132C8AB69BA621B6CE191714 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:03:03.0308 4900  hwdatacard - ok
21:03:03.0355 4900  [ 460B1945C3E6B0419A76E1B507B90B71 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
21:03:03.0401 4900  hwusbdev - ok
21:03:03.0433 4900  hwusbfake - ok
21:03:03.0479 4900  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
21:03:03.0511 4900  i2omp - ok
21:03:03.0573 4900  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:03:03.0635 4900  i8042prt - ok
21:03:03.0776 4900  [ 9378D57E2B96C0A185D844770AD49948 ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
21:03:04.0041 4900  ialm - ok
21:03:04.0088 4900  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
21:03:04.0150 4900  iaStorV - ok
21:03:04.0244 4900  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:03:04.0337 4900  idsvc - ok
21:03:04.0447 4900  [ 78432A57D085328CF8BAF125985425D2 ] IDSvix86        C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys
21:03:04.0509 4900  IDSvix86 - ok
21:03:04.0634 4900  [ 9378D57E2B96C0A185D844770AD49948 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
21:03:04.0759 4900  igfx - ok
21:03:04.0805 4900  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:03:04.0837 4900  iirsp - ok
21:03:04.0930 4900  [ 755519F49906B73C1FE9CBBF75E347EA ] IJPLMSVC        C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
21:03:04.0961 4900  IJPLMSVC - ok
21:03:05.0039 4900  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:03:05.0133 4900  IKEEXT - ok
21:03:05.0164 4900  [ AEA4C9BB21C12E8BE4078D836DD98F86 ] InCDfs          C:\Windows\system32\drivers\InCDFs.sys
21:03:05.0195 4900  InCDfs - ok
21:03:05.0258 4900  [ 507CA5B34CCEE17FE5AF5B14A718775B ] InCDPass        C:\Windows\system32\drivers\InCDPass.sys
21:03:05.0367 4900  InCDPass - ok
21:03:05.0398 4900  [ 2E977F77A1D479CF12950FC1ED70B415 ] InCDrec         C:\Windows\system32\drivers\InCDrec.sys
21:03:05.0461 4900  InCDrec - ok
21:03:05.0492 4900  [ 3B98D9EB9E63F5AFFB532F977C09162F ] incdrm          C:\Windows\system32\drivers\InCDRm.sys
21:03:05.0523 4900  incdrm - ok
21:03:05.0617 4900  [ 219CD67AC3547B0B29B7CDA0513E50BA ] InCDsrv         C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
21:03:05.0710 4900  InCDsrv - ok
21:03:05.0757 4900  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:03:05.0773 4900  intelide - ok
21:03:05.0819 4900  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:03:05.0866 4900  intelppm - ok
21:03:05.0897 4900  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:03:05.0960 4900  IPBusEnum - ok
21:03:05.0991 4900  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:03:06.0038 4900  IpFilterDriver - ok
21:03:06.0069 4900  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:03:06.0163 4900  iphlpsvc - ok
21:03:06.0163 4900  IpInIp - ok
21:03:06.0194 4900  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
21:03:06.0272 4900  IPMIDRV - ok
21:03:06.0303 4900  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
21:03:06.0334 4900  IPNAT - ok
21:03:06.0350 4900  ipswuio - ok
21:03:06.0381 4900  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:03:06.0412 4900  IRENUM - ok
21:03:06.0443 4900  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:03:06.0459 4900  isapnp - ok
21:03:06.0521 4900  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
21:03:06.0537 4900  iScsiPrt - ok
21:03:06.0568 4900  ISPwdSvc - ok
21:03:06.0584 4900  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
21:03:06.0599 4900  iteatapi - ok
21:03:06.0646 4900  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
21:03:06.0662 4900  iteraid - ok
21:03:06.0693 4900  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:03:06.0709 4900  kbdclass - ok
21:03:06.0755 4900  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:03:06.0787 4900  kbdhid - ok
21:03:06.0818 4900  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
21:03:06.0865 4900  KeyIso - ok
21:03:06.0943 4900  [ 186B54479D98E48AEE0E9ADA4B3C4D31 ] KL1             C:\Windows\system32\DRIVERS\kl1.sys
21:03:06.0958 4900  KL1 - ok
21:03:06.0974 4900  [ BF485BFBA13C0AB116701FD9C55324D0 ] kl2             C:\Windows\system32\DRIVERS\kl2.sys
21:03:06.0989 4900  kl2 - ok
21:03:07.0067 4900  [ AF04D0CE7939324E9A605B159295706C ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
21:03:07.0114 4900  KLIF - ok
21:03:07.0161 4900  [ 6295A19003F935ECC6CCBE9E2376427B ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
21:03:07.0192 4900  KLIM6 - ok
21:03:07.0239 4900  [ 3DE1771C135328420315E21DDE229BBA ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
21:03:07.0255 4900  klmouflt - ok
21:03:07.0301 4900  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:03:07.0348 4900  KSecDD - ok
21:03:07.0411 4900  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:03:07.0504 4900  KtmRm - ok
21:03:07.0551 4900  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:03:07.0598 4900  LanmanServer - ok
21:03:07.0660 4900  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:03:07.0707 4900  LanmanWorkstation - ok
21:03:07.0769 4900  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
21:03:07.0785 4900  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
21:03:07.0785 4900  LightScribeService - detected UnsignedFile.Multi.Generic (1)
21:03:07.0816 4900  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:03:07.0910 4900  lltdio - ok
21:03:07.0957 4900  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:03:08.0066 4900  lltdsvc - ok
21:03:08.0128 4900  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:03:08.0237 4900  lmhosts - ok
21:03:08.0331 4900  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:03:08.0347 4900  LSI_FC - ok
21:03:08.0362 4900  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:03:08.0378 4900  LSI_SAS - ok
21:03:08.0440 4900  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:03:08.0456 4900  LSI_SCSI - ok
21:03:08.0487 4900  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
21:03:08.0534 4900  luafv - ok
21:03:08.0565 4900  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:03:08.0596 4900  Mcx2Svc - ok
21:03:08.0643 4900  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
21:03:08.0659 4900  megasas - ok
21:03:08.0690 4900  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
21:03:08.0737 4900  MMCSS - ok
21:03:08.0768 4900  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
21:03:08.0815 4900  Modem - ok
21:03:08.0861 4900  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:03:08.0908 4900  monitor - ok
21:03:08.0939 4900  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:03:08.0971 4900  mouclass - ok
21:03:08.0986 4900  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:03:09.0049 4900  mouhid - ok
21:03:09.0080 4900  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
21:03:09.0095 4900  MountMgr - ok
21:03:09.0158 4900  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:03:09.0189 4900  MozillaMaintenance - ok
21:03:09.0236 4900  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:03:09.0267 4900  mpio - ok
21:03:09.0298 4900  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:03:09.0345 4900  mpsdrv - ok
21:03:09.0392 4900  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:03:09.0454 4900  MpsSvc - ok
21:03:09.0485 4900  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
21:03:09.0517 4900  Mraid35x - ok
21:03:09.0548 4900  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:03:09.0579 4900  MRxDAV - ok
21:03:09.0626 4900  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:03:09.0704 4900  mrxsmb - ok
21:03:09.0751 4900  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:03:09.0782 4900  mrxsmb10 - ok
21:03:09.0813 4900  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:03:09.0860 4900  mrxsmb20 - ok
21:03:09.0907 4900  [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:03:09.0922 4900  msahci - ok
21:03:09.0953 4900  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:03:09.0985 4900  msdsm - ok
21:03:10.0016 4900  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
21:03:10.0078 4900  MSDTC - ok
21:03:10.0109 4900  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:03:10.0156 4900  Msfs - ok
21:03:10.0203 4900  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:03:10.0219 4900  msisadrv - ok
21:03:10.0265 4900  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:03:10.0312 4900  MSiSCSI - ok
21:03:10.0312 4900  msiserver - ok
21:03:10.0343 4900  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:03:10.0406 4900  MSKSSRV - ok
21:03:10.0453 4900  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:03:10.0546 4900  MSPCLOCK - ok
21:03:10.0577 4900  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:03:10.0640 4900  MSPQM - ok
21:03:10.0687 4900  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:03:10.0702 4900  MsRPC - ok
21:03:10.0733 4900  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:03:10.0749 4900  mssmbios - ok
21:03:10.0765 4900  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:03:10.0811 4900  MSTEE - ok
21:03:10.0858 4900  [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor        C:\Windows\system32\DRIVERS\ATKACPI.sys
21:03:10.0905 4900  MTsensor - ok
21:03:10.0936 4900  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
21:03:10.0967 4900  Mup - ok
21:03:10.0999 4900  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
21:03:11.0045 4900  napagent - ok
21:03:11.0108 4900  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:03:11.0186 4900  NativeWifiP - ok
21:03:11.0264 4900  [ EF04748A7A7266EDBDBE02B161A0685D ] NAVENG          C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVENG.SYS
21:03:11.0279 4900  NAVENG - ok
21:03:11.0326 4900  [ 09F3BFDC47718459B42D696CB671F65F ] NAVEX15         C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVEX15.SYS
21:03:11.0404 4900  NAVEX15 - ok
21:03:11.0482 4900  [ 8F3357621D24ED31D98F96E18147FDAF ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
21:03:11.0545 4900  NBService - ok
21:03:11.0623 4900  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:03:11.0685 4900  NDIS - ok
21:03:11.0732 4900  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:03:11.0794 4900  NdisTapi - ok
21:03:11.0825 4900  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:03:11.0903 4900  Ndisuio - ok
21:03:11.0935 4900  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:03:11.0997 4900  NdisWan - ok
21:03:12.0028 4900  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:03:12.0059 4900  NDProxy - ok
21:03:12.0091 4900  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:03:12.0137 4900  NetBIOS - ok
21:03:12.0184 4900  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
21:03:12.0215 4900  netbt - ok
21:03:12.0231 4900  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
21:03:12.0247 4900  Netlogon - ok
21:03:12.0293 4900  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
21:03:12.0340 4900  Netman - ok
21:03:12.0371 4900  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
21:03:12.0434 4900  netprofm - ok
21:03:12.0465 4900  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:03:12.0481 4900  NetTcpPortSharing - ok
21:03:12.0574 4900  [ A15F219208843A5A210C8CB391384453 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
21:03:12.0761 4900  NETw3v32 - ok
21:03:12.0777 4900  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:03:12.0793 4900  nfrd960 - ok
21:03:12.0839 4900  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:03:12.0886 4900  NlaSvc - ok
21:03:12.0964 4900  [ FFD209EA219A2599F2F551B80AE6B0BF ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
21:03:12.0995 4900  NMIndexingService - ok
21:03:13.0027 4900  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:03:13.0073 4900  Npfs - ok
21:03:13.0089 4900  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
21:03:13.0151 4900  nsi - ok
21:03:13.0198 4900  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:03:13.0245 4900  nsiproxy - ok
21:03:13.0323 4900  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:03:13.0385 4900  Ntfs - ok
21:03:13.0432 4900  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
21:03:13.0526 4900  ntrigdigi - ok
21:03:13.0573 4900  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
21:03:13.0635 4900  Null - ok
21:03:13.0807 4900  [ CFDDEDC1151839DD71F78472645214A5 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:03:14.0165 4900  nvlddmkm - ok
21:03:14.0212 4900  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:03:14.0243 4900  nvraid - ok
21:03:14.0259 4900  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:03:14.0290 4900  nvstor - ok
21:03:14.0321 4900  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:03:14.0353 4900  nv_agp - ok
21:03:14.0368 4900  NwlnkFlt - ok
21:03:14.0384 4900  NwlnkFwd - ok
21:03:14.0477 4900  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:03:14.0524 4900  odserv - ok
21:03:14.0571 4900  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
21:03:14.0665 4900  ohci1394 - ok
21:03:14.0727 4900  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:03:14.0758 4900  ose - ok
21:03:14.0789 4900  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
21:03:14.0852 4900  p2pimsvc - ok
21:03:14.0867 4900  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:03:14.0899 4900  p2psvc - ok
21:03:14.0930 4900  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
21:03:14.0992 4900  Parport - ok
21:03:15.0023 4900  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:03:15.0055 4900  partmgr - ok
21:03:15.0055 4900  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
21:03:15.0133 4900  Parvdm - ok
21:03:15.0179 4900  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:03:15.0211 4900  PcaSvc - ok
21:03:15.0257 4900  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
21:03:15.0273 4900  pci - ok
21:03:15.0304 4900  [ 3B1901E401473E03EB8C874271E50C26 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:03:15.0320 4900  pciide - ok
21:03:15.0382 4900  [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:03:15.0413 4900  pcmcia - ok
21:03:15.0445 4900  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:03:15.0554 4900  PEAUTH - ok
21:03:15.0913 4900  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
21:03:16.0131 4900  pla - ok
21:03:16.0193 4900  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:03:16.0256 4900  PlugPlay - ok
21:03:16.0318 4900  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
21:03:16.0396 4900  PNRPAutoReg - ok
21:03:16.0427 4900  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
21:03:16.0459 4900  PNRPsvc - ok
21:03:16.0505 4900  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:03:16.0552 4900  PolicyAgent - ok
21:03:16.0583 4900  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:03:16.0630 4900  PptpMiniport - ok
21:03:16.0646 4900  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
21:03:16.0724 4900  Processor - ok
21:03:16.0755 4900  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:03:16.0786 4900  ProfSvc - ok
21:03:16.0802 4900  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:03:16.0817 4900  ProtectedStorage - ok
21:03:16.0849 4900  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
21:03:16.0895 4900  PSched - ok
21:03:16.0973 4900  [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
21:03:16.0989 4900  PxHelp20 - ok
21:03:17.0067 4900  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:03:17.0114 4900  ql2300 - ok
21:03:17.0129 4900  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:03:17.0145 4900  ql40xx - ok
21:03:17.0207 4900  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
21:03:17.0239 4900  QWAVE - ok
21:03:17.0285 4900  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:03:17.0332 4900  QWAVEdrv - ok
21:03:17.0363 4900  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:03:17.0395 4900  RasAcd - ok
21:03:17.0441 4900  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
21:03:17.0504 4900  RasAuto - ok
21:03:17.0535 4900  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:03:17.0566 4900  Rasl2tp - ok
21:03:17.0629 4900  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
21:03:17.0691 4900  RasMan - ok
21:03:17.0722 4900  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:03:17.0769 4900  RasPppoe - ok
21:03:17.0800 4900  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:03:17.0816 4900  RasSstp - ok
21:03:17.0847 4900  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:03:17.0878 4900  rdbss - ok
21:03:17.0909 4900  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:03:17.0956 4900  RDPCDD - ok
21:03:18.0019 4900  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
21:03:18.0097 4900  rdpdr - ok
21:03:18.0112 4900  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:03:18.0143 4900  RDPENCDD - ok
21:03:18.0175 4900  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:03:18.0206 4900  RDPWD - ok
21:03:18.0268 4900  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:03:18.0315 4900  RemoteAccess - ok
21:03:18.0346 4900  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:03:18.0393 4900  RemoteRegistry - ok
21:03:18.0424 4900  [ 7EC90C316177BA3F1BCE92005264B447 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:03:18.0502 4900  RFCOMM - ok
21:03:18.0533 4900  [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
21:03:18.0580 4900  rimsptsk - ok
21:03:18.0627 4900  [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
21:03:18.0689 4900  ROOTMODEM - ok
21:03:18.0705 4900  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
21:03:18.0736 4900  RpcLocator - ok
21:03:18.0767 4900  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
21:03:18.0830 4900  RpcSs - ok
21:03:18.0877 4900  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:03:18.0939 4900  rspndr - ok
21:03:19.0033 4900  [ 13E14D517E0F90A216346D5F7F2783E8 ] rt2870          C:\Windows\system32\DRIVERS\rt2870.sys
21:03:19.0142 4900  rt2870 - ok
21:03:19.0189 4900  [ 8DE22FB05E4A0F797B1E442EB4B3B51C ] RTL8023xp       C:\Windows\system32\DRIVERS\Rtnicxp.sys
21:03:19.0267 4900  RTL8023xp - ok
21:03:19.0298 4900  [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
21:03:19.0407 4900  RTL8169 - ok
21:03:19.0501 4900  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
21:03:19.0532 4900  SamSs - ok
21:03:19.0547 4900  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:03:19.0579 4900  sbp2port - ok
21:03:19.0703 4900  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
21:03:19.0813 4900  SBSDWSCService - ok
21:03:19.0859 4900  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:03:19.0922 4900  SCardSvr - ok
21:03:19.0969 4900  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
21:03:20.0047 4900  Schedule - ok
21:03:20.0109 4900  [ 87E1F99C82208238F40BB1079D1CE4AC ] SCPDFReadSpool  C:\Windows\Installer\MSIB24E.tmp
21:03:20.0156 4900  SCPDFReadSpool - ok
21:03:20.0187 4900  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:03:20.0234 4900  SCPolicySvc - ok
21:03:20.0265 4900  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
21:03:20.0312 4900  sdbus - ok
21:03:20.0359 4900  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:03:20.0421 4900  SDRSVC - ok
21:03:20.0452 4900  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:03:20.0577 4900  secdrv - ok
21:03:20.0608 4900  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
21:03:20.0655 4900  seclogon - ok
21:03:20.0671 4900  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
21:03:20.0717 4900  SENS - ok
21:03:20.0733 4900  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:03:20.0795 4900  Serenum - ok
21:03:20.0811 4900  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
21:03:20.0889 4900  Serial - ok
21:03:20.0905 4900  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:03:20.0951 4900  sermouse - ok
21:03:20.0998 4900  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:03:21.0029 4900  SessionEnv - ok
21:03:21.0061 4900  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
21:03:21.0092 4900  sffdisk - ok
21:03:21.0107 4900  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:03:21.0170 4900  sffp_mmc - ok
21:03:21.0185 4900  [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
21:03:21.0232 4900  sffp_sd - ok
21:03:21.0248 4900  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:03:21.0310 4900  sfloppy - ok
21:03:21.0341 4900  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:03:21.0404 4900  SharedAccess - ok
21:03:21.0451 4900  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:03:21.0482 4900  ShellHWDetection - ok
21:03:21.0513 4900  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:03:21.0529 4900  sisagp - ok
21:03:21.0560 4900  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
21:03:21.0575 4900  SiSRaid2 - ok
21:03:21.0591 4900  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:03:21.0622 4900  SiSRaid4 - ok
21:03:21.0747 4900  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
21:03:22.0433 4900  slsvc - ok
21:03:22.0511 4900  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
21:03:22.0574 4900  SLUINotify - ok
21:03:22.0605 4900  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:03:22.0652 4900  Smb - ok
21:03:22.0699 4900  [ 34D634366FC57524F5932EAEC40E4FCB ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
21:03:22.0777 4900  smserial - ok
21:03:22.0823 4900  [ 1BC68A9A70F92D5EFFBF0700AE2D7432 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
21:03:22.0839 4900  snapman - ok
21:03:22.0870 4900  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:03:22.0886 4900  SNMPTRAP - ok
21:03:22.0901 4900  SPBBCDrv - ok
21:03:22.0948 4900  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
21:03:22.0964 4900  spldr - ok
21:03:23.0026 4900  [ 739DB668DBD812285ECC553E64A5E212 ] spmgr           C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
21:03:23.0042 4900  spmgr - ok
21:03:23.0073 4900  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
21:03:23.0120 4900  Spooler - ok
21:03:23.0167 4900  [ 15E29EB26DD53EB6385629F4622B5519 ] SRTSP           C:\Windows\system32\Drivers\SRTSP.SYS
21:03:23.0198 4900  SRTSP - ok
21:03:23.0213 4900  [ FD0C0333FAE09DBD1170E0D607ECA5C8 ] SRTSPL          C:\Windows\system32\Drivers\SRTSPL.SYS
21:03:23.0245 4900  SRTSPL - ok
21:03:23.0260 4900  [ 7E60A4A4035BE470F47C6806DA57DB99 ] SRTSPX          C:\Windows\system32\Drivers\SRTSPX.SYS
21:03:23.0276 4900  SRTSPX - ok
21:03:23.0323 4900  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:03:23.0369 4900  srv - ok
21:03:23.0401 4900  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:03:23.0463 4900  srv2 - ok
21:03:23.0494 4900  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:03:23.0541 4900  srvnet - ok
21:03:23.0588 4900  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:03:23.0650 4900  SSDPSRV - ok
21:03:23.0728 4900  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:03:23.0775 4900  SstpSvc - ok
21:03:23.0806 4900  [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
21:03:23.0853 4900  StillCam - ok
21:03:23.0900 4900  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
21:03:23.0947 4900  stisvc - ok
21:03:23.0947 4900  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:03:23.0962 4900  swenum - ok
21:03:24.0009 4900  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
21:03:24.0056 4900  swprv - ok
21:03:24.0056 4900  SymAppCore - ok
21:03:24.0103 4900  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
21:03:24.0118 4900  Symc8xx - ok
21:03:24.0134 4900  [ 9D98270B5F10A4C84E8DA417C30756E1 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
21:03:24.0149 4900  SymEvent - ok
21:03:24.0196 4900  [ 7F4011A719BF30E3DBD84D3A0A45C91C ] SYMREDRV        C:\Windows\System32\Drivers\SYMREDRV.SYS
21:03:24.0212 4900  SYMREDRV - ok
21:03:24.0227 4900  [ 2F03CBDB0F22278D05D5D616C993AB58 ] SYMTDI          C:\Windows\System32\Drivers\SYMTDI.SYS
21:03:24.0259 4900  SYMTDI - ok
21:03:24.0274 4900  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
21:03:24.0290 4900  Sym_hi - ok
21:03:24.0305 4900  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
21:03:24.0321 4900  Sym_u3 - ok
21:03:24.0571 4900  [ 10196D1696B0B18168AD7FCDB8488F60 ] syncagentsrv    C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
21:03:24.0976 4900  syncagentsrv - ok
21:03:25.0039 4900  [ 24B43E9A3E6CACF9AFC69F48E9DEB690 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:03:25.0070 4900  SynTP - ok
21:03:25.0117 4900  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
21:03:25.0179 4900  SysMain - ok
21:03:25.0210 4900  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:03:25.0257 4900  TabletInputService - ok
21:03:25.0288 4900  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:03:25.0351 4900  TapiSrv - ok
21:03:25.0397 4900  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
21:03:25.0460 4900  TBS - ok
21:03:25.0538 4900  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:03:25.0616 4900  Tcpip - ok
21:03:25.0647 4900  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
21:03:25.0709 4900  Tcpip6 - ok
21:03:25.0741 4900  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:03:25.0819 4900  tcpipreg - ok
21:03:25.0850 4900  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:03:25.0897 4900  TDPIPE - ok
21:03:25.0943 4900  [ E04AB70501B2AD59DA3612C175AFD5D7 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
21:03:25.0990 4900  tdrpman - ok
21:03:26.0037 4900  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:03:26.0146 4900  TDTCP - ok
21:03:26.0193 4900  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:03:26.0302 4900  tdx - ok
21:03:26.0427 4900  [ 2A64C802F4C8AA00AC8472C771688E00 ] TeamViewer5     C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
21:03:26.0536 4900  TeamViewer5 - ok
21:03:26.0645 4900  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:03:26.0661 4900  TermDD - ok
21:03:26.0708 4900  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
21:03:26.0801 4900  TermService - ok
21:03:26.0833 4900  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
21:03:26.0879 4900  Themes - ok
21:03:26.0895 4900  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:03:26.0942 4900  THREADORDER - ok
21:03:27.0020 4900  [ 4E4BA74565E8300596025FDF8B271CD1 ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
21:03:27.0082 4900  timounter - ok
21:03:27.0113 4900  [ 6D9AD3534A9CF7E4B86C6EAE8BC335F6 ] TPM             C:\Windows\system32\drivers\tpm.sys
21:03:27.0145 4900  TPM - ok
21:03:27.0176 4900  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
21:03:27.0269 4900  TrkWks - ok
21:03:27.0316 4900  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:03:27.0379 4900  TrustedInstaller - ok
21:03:27.0425 4900  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:03:27.0503 4900  tssecsrv - ok
21:03:27.0535 4900  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
21:03:27.0581 4900  tunmp - ok
21:03:27.0613 4900  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:03:27.0644 4900  tunnel - ok
21:03:27.0675 4900  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:03:27.0706 4900  uagp35 - ok
21:03:27.0753 4900  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:03:27.0815 4900  udfs - ok
21:03:27.0893 4900  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:03:27.0971 4900  UI0Detect - ok
21:03:27.0987 4900  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:03:28.0018 4900  uliagpkx - ok
21:03:28.0049 4900  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
21:03:28.0081 4900  uliahci - ok
21:03:28.0112 4900  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
21:03:28.0143 4900  UlSata - ok
21:03:28.0174 4900  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
21:03:28.0205 4900  ulsata2 - ok
21:03:28.0237 4900  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:03:28.0283 4900  umbus - ok
21:03:28.0330 4900  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
21:03:28.0377 4900  upnphost - ok
21:03:28.0439 4900  [ AF9388E736AF0C325067F05EDC350010 ] usbbus          C:\Windows\system32\DRIVERS\lgusbbus.sys
21:03:28.0471 4900  usbbus - ok
21:03:28.0533 4900  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:03:28.0580 4900  usbccgp - ok
21:03:28.0595 4900  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:03:28.0673 4900  usbcir - ok
21:03:28.0705 4900  [ AE30EA96E60E823C7B525DA356283AE8 ] UsbDiag         C:\Windows\system32\DRIVERS\lgusbdiag.sys
21:03:28.0720 4900  UsbDiag - ok
21:03:28.0767 4900  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:03:28.0798 4900  usbehci - ok
21:03:28.0829 4900  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:03:28.0876 4900  usbhub - ok
21:03:28.0907 4900  [ 46AC66DF3D6EFE81F69BEA823A53AAB5 ] USBModem        C:\Windows\system32\DRIVERS\lgusbmodem.sys
21:03:28.0939 4900  USBModem - ok
21:03:28.0954 4900  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:03:29.0017 4900  usbohci - ok
21:03:29.0048 4900  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:03:29.0079 4900  usbprint - ok
21:03:29.0095 4900  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:03:29.0141 4900  USBSTOR - ok
21:03:29.0157 4900  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:03:29.0188 4900  usbuhci - ok
21:03:29.0219 4900  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
21:03:29.0266 4900  UxSms - ok
21:03:29.0313 4900  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
21:03:29.0360 4900  vds - ok
21:03:29.0407 4900  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:03:29.0485 4900  vga - ok
21:03:29.0516 4900  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:03:29.0563 4900  VgaSave - ok
21:03:29.0578 4900  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:03:29.0594 4900  viaagp - ok
21:03:29.0609 4900  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:03:29.0703 4900  ViaC7 - ok
21:03:29.0719 4900  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
21:03:29.0750 4900  viaide - ok
21:03:29.0781 4900  [ 9D71C424898E029E316FA93AD494950E ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
21:03:29.0797 4900  vididr - ok
21:03:29.0859 4900  [ 47AB6AC7635E40F3C55C5A32CC4B86A8 ] vidsflt67       C:\Windows\system32\DRIVERS\vsflt67.sys
21:03:29.0875 4900  vidsflt67 - ok
21:03:29.0906 4900  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:03:29.0921 4900  volmgr - ok
21:03:29.0953 4900  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:03:29.0984 4900  volmgrx - ok
21:03:30.0015 4900  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:03:30.0046 4900  volsnap - ok
21:03:30.0077 4900  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:03:30.0093 4900  vsmraid - ok
21:03:30.0171 4900  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
21:03:30.0249 4900  VSS - ok
21:03:30.0311 4900  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
21:03:30.0358 4900  W32Time - ok
21:03:30.0389 4900  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:03:30.0467 4900  WacomPen - ok
21:03:30.0514 4900  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:03:30.0561 4900  Wanarp - ok
21:03:30.0577 4900  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:03:30.0608 4900  Wanarpv6 - ok
21:03:30.0639 4900  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:03:30.0686 4900  wcncsvc - ok
21:03:30.0733 4900  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:03:30.0779 4900  WcsPlugInService - ok
21:03:30.0811 4900  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
21:03:30.0826 4900  Wd - ok
21:03:30.0873 4900  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:03:30.0920 4900  Wdf01000 - ok
21:03:30.0967 4900  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:03:31.0013 4900  WdiServiceHost - ok
21:03:31.0013 4900  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:03:31.0060 4900  WdiSystemHost - ok
21:03:31.0091 4900  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
21:03:31.0123 4900  WebClient - ok
21:03:31.0169 4900  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:03:31.0201 4900  Wecsvc - ok
21:03:31.0232 4900  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:03:31.0263 4900  wercplsupport - ok
21:03:31.0294 4900  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:03:31.0325 4900  WerSvc - ok
21:03:31.0419 4900  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:03:31.0450 4900  WinDefend - ok
21:03:31.0466 4900  WinHttpAutoProxySvc - ok
21:03:31.0528 4900  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:03:31.0559 4900  Winmgmt - ok
21:03:31.0637 4900  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:03:31.0747 4900  WinRM - ok
21:03:31.0809 4900  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:03:31.0871 4900  Wlansvc - ok
21:03:31.0903 4900  [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:03:32.0012 4900  WmiAcpi - ok
21:03:32.0043 4900  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:03:32.0090 4900  wmiApSrv - ok
21:03:32.0183 4900  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:03:32.0246 4900  WMPNetworkSvc - ok
21:03:32.0308 4900  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:03:32.0355 4900  WPCSvc - ok
21:03:32.0386 4900  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:03:32.0464 4900  WPDBusEnum - ok
21:03:32.0495 4900  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
21:03:32.0542 4900  WpdUsb - ok
21:03:32.0667 4900  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:03:32.0745 4900  WPFFontCache_v0400 - ok
21:03:32.0776 4900  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:03:32.0885 4900  ws2ifsl - ok
21:03:32.0917 4900  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
21:03:32.0948 4900  wscsvc - ok
21:03:32.0948 4900  WSearch - ok
21:03:33.0041 4900  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
21:03:33.0135 4900  wuauserv - ok
21:03:33.0213 4900  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:03:33.0229 4900  WudfPf - ok
21:03:33.0275 4900  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:03:33.0307 4900  WUDFRd - ok
21:03:33.0353 4900  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:03:33.0400 4900  wudfsvc - ok
21:03:33.0416 4900  ================ Scan global ===============================
21:03:33.0447 4900  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
21:03:33.0494 4900  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:03:33.0525 4900  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:03:33.0556 4900  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
21:03:33.0572 4900  [Global] - ok
21:03:33.0572 4900  ================ Scan MBR ==================================
21:03:33.0587 4900  [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
21:03:33.0868 4900  \Device\Harddisk0\DR0 - ok
21:03:33.0868 4900  ================ Scan VBR ==================================
21:03:33.0868 4900  [ 84D1C35AEB5FFA55B51180809047A935 ] \Device\Harddisk0\DR0\Partition1
21:03:33.0868 4900  \Device\Harddisk0\DR0\Partition1 - ok
21:03:33.0899 4900  [ DF1D232204E53351A7D8D44EDF3E11A9 ] \Device\Harddisk0\DR0\Partition2
21:03:33.0899 4900  \Device\Harddisk0\DR0\Partition2 - ok
21:03:33.0899 4900  ============================================================
21:03:33.0899 4900  Scan finished
21:03:33.0899 4900  ============================================================
21:03:33.0915 1088  Detected object count: 3
21:03:33.0915 1088  Actual detected object count: 3
21:04:02.0026 1088  ASLDRService ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:02.0026 1088  ASLDRService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:04:02.0042 1088  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:02.0042 1088  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:04:02.0042 1088  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:02.0042 1088  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:04:15.0473 5212  Deinitialize success

cosinus · 01.04.2013, 23:21

JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Danach eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in CODE-Tags hier in den Thread.

hrbg · 02.04.2013, 11:24

Hallo cosinus,

Dankefür die schnelle Reaktion.
Anbei die gewünschten Logs:

JRT
JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.9 (04.01.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by HBG on 02.04.2013 at 10:58:47,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\apnupdater
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\bprotectordefaultscope 
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{00000000-6e41-4fd3-8538-502f5495e5fc} 
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{d4027c7f-154a-4066-a1ad-4243d8127440} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{d4027c7f-154a-4066-a1ad-4243d8127440} 



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Failed to delete: [Registry Key] hkey_current_user\software\datamngr
Failed to delete: [Registry Key] hkey_local_machine\software\datamngr
Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT1351351
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc} 
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440} 
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{d4027c7f-154a-4066-a1ad-4243d8127440} 
Successfully deleted: [Registry Key] "hkey_current_user\software\apn" 
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar" 
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0cfe535c35f99574e8340bfa75bf92c2" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0e12f736682067fde4d1158d5940a82e" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\120dfadeb50841f408f04d2a278f9509" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\1a24b5bb8521b03e0c8d908f5abc0ae6" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\261f213d1f55267499b1f87d0cc3bcf7" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\2b0d56c4f4c46d844a57ffed6f0d2852" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\49d4375fe41653242aea4c969e4e65e0" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6aa0923513360135b272e8289c5f13fa" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6f7467af8f29c134cbbab394eccfde96" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\741b4adf27276464790022c965ab6da8" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\7de196b10195f5647a2b21b761f3de01" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\922525dcc5199162f8935747ca3d8e59" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\9d4f5849367142e4685ed8c25e44c5ed" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a5875b04372c19545beb90d4d606c472" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a876d9e80b896ec44a8620248cc79296" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\b66ffab725b92594c986de826a867888" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\bcda179d619b91648538e3394cac94cc" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\d677b1a9671d4d4004f6f2a4469e86ea" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\dd1402a9dd4215a43abde169a41afa0e" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\e36e114a0ead2ad46b381d23ad69cddf" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\ef8e618db3aedfbb384561b5c548f65e" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\a28b4d68debaa244eb686953b7074fef" 
Failed to delete: [Registry Key] "hkey_local_machine\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\scheduled update for ask toolbar" 



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\HBG\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Users\HBG\appdata\locallow\asktoolbar" 
Successfully deleted: [Folder] "C:\Program Files\ask.com" 
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}" 



~~~ FireFox

Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\yp55qh8v.default\user.js
Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\user.js
Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\yp55qh8v.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\yp55qh8v.default\searchplugins\conduit.xml
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com"
Successfully deleted: [Folder] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\smartbar
Successfully deleted: [Folder] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\extensions\toolbar@ask.com
Successfully deleted the following from C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\yp55qh8v.default\prefs.js

user_pref("browser.search.selectedEngine", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=MGX&o=15359&locale=de_DE&apn_uid=1F133E18-9A44-485B-A608-A3972477F9B8&apn_ptnrs=JQ&apn_sauid=BA
user_pref("extensions.asktb.ff-original-keyword-url", "");
Successfully deleted the following from C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\prefs.js

user_pref("CT3241949.1000082.isDisplayHidden", "true");
user_pref("CT3241949.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
user_pref("CT3241949.1000234.TWC_TMP_city", "BONN");
user_pref("CT3241949.1000234.TWC_TMP_country", "DE");
user_pref("CT3241949.1000234.TWC_locId", "GMXX0010");
user_pref("CT3241949.1000234.TWC_location", "Bonn, The Gambia");
user_pref("CT3241949.1000234.TWC_region", "DE");
user_pref("CT3241949.1000234.TWC_temp_dis", "c");
user_pref("CT3241949.1000234.TWC_wind_dis", "kmh");
user_pref("CT3241949.1000234.weatherData", "{\"icon\":\"33.png\",\"temperature\":\"3°C\",\"temperatureClear\":\"3°C\",\"highTemperature\":\"3°C\",\"lowTemperature\":\"-1°C
user_pref("CT3241949.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.FirstTime", "true");
user_pref("CT3241949.FirstTimeFF3", "true");
user_pref("CT3241949.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3241949&SearchSource=2&q=");
user_pref("CT3241949.UserID", "UN00546228509657926");
user_pref("CT3241949.browser.search.defaultthis.engineName", true);
user_pref("CT3241949.embeddedsData", "[{\"appId\":\"129887071061272563\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT3241949.enableAlerts", "always");
user_pref("CT3241949.event_data", "JTVCJTVE");
user_pref("CT3241949.fired_events", "AA==");
user_pref("CT3241949.firstTimeDialogOpened", "true");
user_pref("CT3241949.fixUrls", true);
user_pref("CT3241949.installType", "Unknown");
user_pref("CT3241949.isCheckedStartAsHidden", true);
user_pref("CT3241949.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.isFirstTimeToolbarLoading", "false");
user_pref("CT3241949.isPerformedSmartBarTransition", "true");
user_pref("CT3241949.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3241949.key_date", "Mjg=");
user_pref("CT3241949.keyword", true);
user_pref("CT3241949.migrateAppsAndComponents", true);
user_pref("CT3241949.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Ahome\",\"EB_MAIN_FRAME_TITLE\":\"Mozilla%20Firefox-Startseite\",\"EB_TOO
user_pref("CT3241949.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"BROWSER_COMPONENT\\\"]\"}");
user_pref("CT3241949.search.searchAppId", "129887071061272563");
user_pref("CT3241949.search.searchCount", "0");
user_pref("CT3241949.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3241949\"}");
user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FileConverter13.OurToolbar.com//xpi\"}");
user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"FileConverter 1.3\"}");
user_pref("CT3241949.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1351445327417");
user_pref("CT3241949.serviceLayer_services_appsMetadata_lastUpdate", "1351445327207");
user_pref("CT3241949.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1351445328499");
user_pref("CT3241949.serviceLayer_services_menu_769c590835a76d075fe33b9a87a87786_lastUpdate", "1351445328223");
user_pref("CT3241949.serviceLayer_services_menu_d32f45618f5a02bd965c56155a643855_lastUpdate", "1351445327498");
user_pref("CT3241949.serviceLayer_services_optimizer_lastUpdate", "1351445328213");
user_pref("CT3241949.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1351445336517");
user_pref("CT3241949.serviceLayer_services_searchAPI_lastUpdate", "1351445326227");
user_pref("CT3241949.serviceLayer_services_serviceMap_lastUpdate", "1351445325741");
user_pref("CT3241949.serviceLayer_services_toolbarContextMenu_lastUpdate", "1351445336383");
user_pref("CT3241949.serviceLayer_services_toolbarSettings_lastUpdate", "1351445325946");
user_pref("CT3241949.serviceLayer_services_translation_lastUpdate", "1351445327258");
user_pref("CT3241949.settingsINI", true);
user_pref("CT3241949.smartbar.CTID", "CT3241949");
user_pref("CT3241949.smartbar.Uninstall", "0");
user_pref("CT3241949.smartbar.homepage", true);
user_pref("CT3241949.smartbar.toolbarName", "FileConverter 1.3 ");
user_pref("CT3241949_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1351445324473,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3241949&SearchSource=13");
user_pref("Smartbar.ConduitSearchEngineList", "FileConverter 1.3 Customized Web Search");
user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3241949&SearchSource=2&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3241949");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3241949&SearchSource=13");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.id", "fa94a7ac0000000000000015af393853");
user_pref("extensions.BabylonToolbar.instlDay", "15641");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=fa94a7ac0000000000000015af393853&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.818:51:34");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3241949&SearchSource=2&q=");
Emptied folder: C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\minidumps [204 files]



~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\pgafcinpmmpklohkojmllohdhomoefph



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.04.2013 at 11:03:27,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

adwCleaner

Code:

ATTFilter

# AdwCleaner v2.115 - Datei am 02/04/2013 um 11:17:58 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : HBG - HBG-MOBIL
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\HBG\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\th4710u9.default-1343061943453\bprotector_prefs.js
Datei Gelöscht : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\th4710u9.default-1343061943453\searchplugins\fileconverter-13-customized-web-search.xml
Datei Gelöscht : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\yp55qh8v.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\HBG\Desktop\eBay.lnk
Ordner Gelöscht : C:\Users\Internet\AppData\LocalLow\AskToolbar

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\d57d7dde53bbd12
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\d57d7dde53bbd12
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\th4710u9.default-1343061943453\prefs.js

Gelöscht : user_pref("CT3241949.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Gelöscht : user_pref("CT3241949.1000234.weatherData", "{\"icon\":\"33.png\",\"temperature\":\"3°C\",\"temperatu[...]
Gelöscht : user_pref("CT3241949.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gelöscht : user_pref("CT3241949.embeddedsData", "[{\"appId\":\"129887071061272563\",\"apiPermissions\":{\"cross[...]
Gelöscht : user_pref("CT3241949.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gelöscht : user_pref("CT3241949.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Gelöscht : user_pref("CT3241949.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"BROWSER_COMPONENT\\\"][...]
Gelöscht : user_pref("CT3241949.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gelöscht : user_pref("CT3241949_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]

Datei : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\yp55qh8v.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\558fhuvq.default\prefs.js

Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=MGX&o=15359&locale=d[...]
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v26.0.1410.43

Datei : C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.1294] : homepage = "hxxp://search.babylon.com/?affID=109958&tt=4312_7&babsrc=HP_ss&mntrId=fa94a7ac000000[...]
Gelöscht [l.1458] : urls_to_restore_on_startup ="session": {"restore_on_startup": 4,  [ "hxxp://search.babylon.com/?[...]

*************************

AdwCleaner[S1].txt - [341 octets] - [02/04/2013 11:17:14]
AdwCleaner[S2].txt - [6611 octets] - [02/04/2013 11:17:58]

########## EOF - C:\AdwCleaner[S2].txt - [6671 octets] ##########

OTL (OLT)

Code:

ATTFilter

OTL logfile created on: 02.04.2013 11:52:44 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\HBG\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,37% Memory free
4,22 Gb Paging File | 3,02 Gb Available in Paging File | 71,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 89,43 Gb Total Space | 7,85 Gb Free Space | 8,78% Space Free | Partition Type: NTFS
Drive D: | 52,78 Gb Total Space | 39,44 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
 
Computer Name: HBG-MOBIL | User Name: HBG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\HBG\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\HBG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Windows\Installer\MSIB24E.tmp (Solid Documents, LLC)
PRC - C:\Users\HBG\ALDITALKVerbindungsassistent_Launcher.exe ()
PRC - C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe ()
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\Net4Switch\Net4Switch.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Acronis\TrueImageHome\Common\ti_managers.dll ()
MOD - C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ()
MOD - C:\Users\HBG\ALDITALKVerbindungsassistent_Launcher.exe ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswui.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipsw_cfgmgr.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswsysmon.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswresmgr.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswcore.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\iphelper.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswhlp.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswds.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\cxcmrt.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswgblset.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswobj.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\LogonStartup.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ResItf.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (SymAppCore) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe File not found
SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (ISPwdSvc) -- C:\Program Files\Norton Internet Security\isPwdSvc.exe File not found
SRV - (comHost) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (afcdpsrv) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (syncagentsrv) -- C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (SCPDFReadSpool) -- C:\Windows\Installer\MSIB24E.tmp (Solid Documents, LLC)
SRV - (ALDITALKVerbindungsassistent_Service) -- C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe ()
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (AAV UpdateService) -- C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (InCDsrv) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (Nero AG)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (ipswuio) -- System32\DRIVERS\ipswuio.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (hwusbfake) -- system32\DRIVERS\ewusbfake.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (rt2870) -- C:\Windows\System32\drivers\rt2870.sys (Ralink Technology, Corp.)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman) -- C:\Windows\System32\drivers\tdrpman.sys (Acronis)
DRV - (timounter) -- C:\Windows\System32\drivers\timntr.sys (Acronis)
DRV - (vididr) -- C:\Windows\System32\drivers\vididr.sys (Acronis)
DRV - (vidsflt67) -- C:\Windows\System32\drivers\vsflt67.sys (Acronis)
DRV - (snapman) -- C:\Windows\System32\drivers\snapman.sys (Acronis)
DRV - (fltsrv) -- C:\Windows\System32\drivers\fltsrv.sys (Acronis)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (incdrm) -- C:\Windows\System32\drivers\InCDRm.sys (Nero AG)
DRV - (InCDrec) -- C:\Windows\System32\drivers\InCDrec.sys (Nero AG)
DRV - (InCDPass) -- C:\Windows\System32\drivers\InCDPass.sys (Nero AG)
DRV - (InCDfs) -- C:\Windows\System32\drivers\InCDfs.sys (Nero AG)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (SYMTDI) -- C:\Windows\System32\drivers\symtdi.sys (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\drivers\symredrv.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVENG.SYS (Symantec Corporation)
DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20061025.029\IDSvix86.sys (Symantec Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\HBG\Documents
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/tb/ie_startpage
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{1F03280F-5D22-4C49-8AC1-48F7928C4988}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=MGX&o=15359&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=JQ&apn_dtid=YYYYYYYYDE&apn_uid=1F133E18-9A44-485B-A608-A3972477F9B8&apn_sauid=BAC84ABF-A12A-4184-A87E-48C15560DDB8
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{424E1B9E-FD14-4112-A912-CA8330CF5A86}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{8990CAE6-534B-402C-92B8-80EB5E51F484}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{8B3AB5A0-D576-44AF-8753-1B6515CE9F60}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{C61671AD-48CD-4BDD-B37B-77D7DA791967}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49354
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.10.31 16:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.10.31 16:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.10.31 16:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 10:32:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.08 10:31:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 10:32:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.08 10:31:58 | 000,000,000 | ---D | M]
 
[2010.03.26 20:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HBG\AppData\Roaming\mozilla\Extensions
[2013.04.02 11:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HBG\AppData\Roaming\mozilla\Firefox\Profiles\th4710u9.default-1343061943453\extensions
[2011.12.28 12:39:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HBG\AppData\Roaming\mozilla\Firefox\Profiles\yp55qh8v.default\extensions
[2013.04.02 11:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013.03.08 10:31:50 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\mozilla firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2013.03.08 10:31:51 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak2
[2013.03.08 10:32:14 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.23 12:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2013.01.19 14:11:59 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.19 14:11:59 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.01.19 14:11:59 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.19 14:11:59 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.19 14:11:59 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.19 14:11:59 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.6 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: YouTube = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Google Mail = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000..\Run: [Spotify Web Helper] C:\Users\HBG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\HBG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Run Context - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O8 - Extra context menu item: Run Word Explorer - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O9 - Extra Button: Run Word Explorer - {26231800-6CE9-43d8-9357-5B4DC8CF4561} - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O9 - Extra 'Tools' menuitem : Run Word Explorer - {26231800-6CE9-43d8-9357-5B4DC8CF4561} - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33C356C5-CCE1-4246-BE34-213C78FA0A21}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F952BDE-BBE5-44EB-9339-036F116C8410}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{07f0cb47-d153-11df-b568-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{07f0cb47-d153-11df-b568-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0f5af784-83bf-11df-8c66-ebd6765066d3}\Shell - "" = AutoRun
O33 - MountPoints2\{0f5af784-83bf-11df-8c66-ebd6765066d3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0f5af789-83bf-11df-8c66-ebd6765066d3}\Shell - "" = AutoRun
O33 - MountPoints2\{0f5af789-83bf-11df-8c66-ebd6765066d3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{17e7ea36-abab-11df-95a9-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7ea36-abab-11df-95a9-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{17e7ea38-abab-11df-95a9-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7ea38-abab-11df-95a9-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2433ca01-1b2f-11e1-b7ea-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{2433ca01-1b2f-11e1-b7ea-001d60a340fb}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\index.html
O33 - MountPoints2\{2545fd65-39e7-11df-9983-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{2545fd65-39e7-11df-9983-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2545fd86-39e7-11df-9983-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{2545fd86-39e7-11df-9983-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3af65f3c-6da7-11e1-8a01-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{3af65f3c-6da7-11e1-8a01-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3af65f6a-6da7-11e1-8a01-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{3af65f6a-6da7-11e1-8a01-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{415399cd-4641-11e2-a144-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{415399cd-4641-11e2-a144-001d60a340fb}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{4434fc81-3df6-11df-8ca1-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4434fc81-3df6-11df-8ca1-001d60a340fb}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4434fc83-3df6-11df-8ca1-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4434fc83-3df6-11df-8ca1-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4434fd27-3df6-11df-8ca1-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4434fd27-3df6-11df-8ca1-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4e98ae26-8d11-11e0-9d9d-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4e98ae26-8d11-11e0-9d9d-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4e98ae29-8d11-11e0-9d9d-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4e98ae29-8d11-11e0-9d9d-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{59f07131-65e4-11e1-8f98-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{59f07131-65e4-11e1-8f98-001e101f8924}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d1fcbe0-7fbd-11e1-9b14-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{6d1fcbe0-7fbd-11e1-9b14-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{780cc5fe-3606-11e1-a299-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{780cc5fe-3606-11e1-a299-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{780cc613-3606-11e1-a299-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{780cc613-3606-11e1-a299-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{7a3f1380-45d0-11e2-a4f8-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{7a3f1380-45d0-11e2-a4f8-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7ca3d0e8-458c-11df-8363-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{7ca3d0e8-458c-11df-8363-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8ddcb8f0-6a2b-11e1-9426-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{8ddcb8f0-6a2b-11e1-9426-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbd9f2-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbd9f2-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbda21-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda21-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbda25-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda25-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbda32-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda32-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{92dbda33-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda33-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9d7bb166-a895-11e1-b9f3-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{9d7bb166-a895-11e1-b9f3-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b478a478-51bc-11e1-85e2-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{b478a478-51bc-11e1-85e2-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b7ca19cb-69f6-11e1-ac62-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{b7ca19cb-69f6-11e1-ac62-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d0f4e335-3c94-11df-9ca7-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{d0f4e335-3c94-11df-9ca7-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d0f4e3ad-3c94-11df-9ca7-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{d0f4e3ad-3c94-11df-9ca7-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e6a0422c-514a-11df-ad24-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{e6a0422c-514a-11df-ad24-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f17ccf21-4689-11e2-b672-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{f17ccf21-4689-11e2-b672-001d60a340fb}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{f17ccf60-4689-11e2-b672-001e101f2b52}\Shell - "" = AutoRun
O33 - MountPoints2\{f17ccf60-4689-11e2-b672-001e101f2b52}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{fa6d3f02-f33c-11e1-8ff6-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{fa6d3f02-f33c-11e1-8ff6-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fd427367-6374-11e1-aeda-001e101f21c1}\Shell - "" = AutoRun
O33 - MountPoints2\{fd427367-6374-11e1-aeda-001e101f21c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.02 10:58:34 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.02 10:57:41 | 000,000,000 | ---D | C] -- C:\JRT
[2013.03.22 23:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.16 15:20:45 | 000,000,000 | ---D | C] -- C:\Users\HBG\Documents\Bianka
[2013.03.15 11:21:29 | 000,000,000 | ---D | C] -- C:\Users\HBG\Documents\PAYBACK_gUTSCHEIN-bis1204-Dateien
[2013.03.14 10:18:21 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.03.14 10:18:18 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.03.14 10:18:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.03.14 10:18:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.14 10:18:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.03.14 10:18:16 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.03.14 10:18:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.14 10:18:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.13 12:43:53 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.03.10 18:44:24 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.10 18:43:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.10 18:43:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.10 18:43:35 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.08 19:37:02 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Local\Spotify
[2013.03.08 19:31:58 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Roaming\Spotify
[2013.03.08 18:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb
[2013.03.08 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\1und1Softwareaktualisierung
[2013.03.08 18:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck
[2013.03.08 18:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\1&1 Mail & Media GmbH
[2013.03.08 18:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\WEB.DE MailCheck
[2013.03.08 17:56:55 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Local\Apps
[2013.03.08 17:56:54 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Local\Deployment
[2013.03.08 10:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.03.05 11:48:49 | 000,000,000 | ---D | C] -- C:\Users\HBG\Documents\HausFrechenAnDerVogtei48
[2012.12.15 01:13:17 | 000,535,496 | ---- | C] (WebToGo Mobiles Internet GmbH) -- C:\Users\HBG\ALDITALKVerbindungsassistent_SMSMMS.exe
[2012.12.15 01:13:16 | 000,495,616 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGAlerts.dll
[2012.12.15 01:13:16 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcp60.dll
[2012.12.15 01:13:16 | 000,286,773 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcrt.dll
[2012.12.15 01:13:16 | 000,237,568 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGSoapUtil.dll
[2012.12.15 01:13:16 | 000,233,472 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGHandOver.dll
[2012.12.15 01:13:16 | 000,208,896 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGHuaweiNDISUtil.dll
[2012.12.15 01:13:16 | 000,102,400 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Users\HBG\Del_CD_ROM.exe
[2012.12.15 01:13:15 | 000,925,696 | ---- | C] (WebToGo) -- C:\Users\HBG\WtgWiFiCore.dll
[2012.12.15 01:13:15 | 000,780,024 | ---- | C] (QUALCOMM, Inc.) -- C:\Users\HBG\QCWWAN2k.dll
[2012.12.15 01:13:15 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcr71.dll
[2012.12.15 01:13:15 | 000,090,112 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WtgWiFiVista.dll
[2012.12.15 01:13:14 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfc80u.dll
[2012.12.15 01:13:14 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcr80.dll
[2012.12.15 01:13:14 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcp80.dll
[2012.12.15 01:13:14 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcm80.dll
[2012.12.15 01:13:14 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfcm80.dll
[2012.12.15 01:13:14 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfcm80u.dll
[2012.12.15 01:13:13 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfc80.dll
[2012.12.15 01:13:13 | 000,057,344 | ---- | C] (WinAbility® Software Corporation) -- C:\Users\HBG\VistaLib32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.02 11:44:06 | 000,642,970 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.02 11:44:06 | 000,607,918 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.02 11:44:06 | 000,132,284 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.02 11:44:06 | 000,109,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.02 11:37:26 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.02 11:37:10 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.02 11:36:55 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.02 11:36:55 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.02 11:36:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.02 11:36:47 | 2138,365,952 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.02 11:35:49 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.04.02 11:33:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.01 18:22:00 | 000,000,224 | ---- | M] () -- C:\Windows\tasks\ARO 2012.job
[2013.04.01 11:36:15 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.31 16:09:46 | 000,094,320 | ---- | M] () -- C:\Users\HBG\Documents\StornoHotelHamburg.pdf
[2013.03.31 16:09:43 | 000,000,059 | ---- | M] () -- C:\Windows\wpd99.drv
[2013.03.27 13:46:54 | 000,241,610 | ---- | M] () -- C:\Users\HBG\Documents\Malwarebytes.pdf
[2013.03.26 12:11:53 | 000,000,000 | ---- | M] () -- C:\Users\HBG\defogger_reenable
[2013.03.18 20:35:14 | 000,045,312 | ---- | M] () -- C:\Users\HBG\Documents\BBK_2410_1_zusammenstellung_aufwendungen_20130319.pdf
[2013.03.16 18:20:00 | 000,306,313 | ---- | M] () -- C:\Users\HBG\Documents\Vorschlag.PDF
[2013.03.15 21:43:30 | 000,001,750 | ---- | M] () -- C:\Users\HBG\Desktop\Spotify.lnk
[2013.03.15 15:03:33 | 000,089,434 | ---- | M] () -- C:\Users\HBG\Documents\EVA_Terminanfrage_Filmdigitalisieren_Groupon.pdf
[2013.03.15 11:21:29 | 000,008,154 | ---- | M] () -- C:\Users\HBG\Documents\PAYBACK_gUTSCHEIN-bis1204.htm
[2013.03.13 17:37:48 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.13 17:37:48 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.10 18:43:18 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.10 18:43:17 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.10 18:43:17 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.10 18:43:16 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.03.10 18:43:16 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.03.10 18:43:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.08 18:03:59 | 000,001,906 | ---- | M] () -- C:\Users\HBG\Desktop\Amazon.lnk
[2013.03.08 18:03:59 | 000,001,904 | ---- | M] () -- C:\Users\HBG\Desktop\WEB.DE.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.31 16:09:41 | 000,094,320 | ---- | C] () -- C:\Users\HBG\Documents\StornoHotelHamburg.pdf
[2013.03.27 13:46:44 | 000,241,610 | ---- | C] () -- C:\Users\HBG\Documents\Malwarebytes.pdf
[2013.03.26 12:11:53 | 000,000,000 | ---- | C] () -- C:\Users\HBG\defogger_reenable
[2013.03.18 20:35:11 | 000,045,312 | ---- | C] () -- C:\Users\HBG\Documents\BBK_2410_1_zusammenstellung_aufwendungen_20130319.pdf
[2013.03.16 18:20:00 | 000,306,313 | ---- | C] () -- C:\Users\HBG\Documents\Vorschlag.PDF
[2013.03.15 15:03:30 | 000,089,434 | ---- | C] () -- C:\Users\HBG\Documents\EVA_Terminanfrage_Filmdigitalisieren_Groupon.pdf
[2013.03.15 11:21:27 | 000,008,154 | ---- | C] () -- C:\Users\HBG\Documents\PAYBACK_gUTSCHEIN-bis1204.htm
[2013.03.08 19:37:00 | 000,001,750 | ---- | C] () -- C:\Users\HBG\Desktop\Spotify.lnk
[2013.03.08 19:37:00 | 000,001,694 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013.03.08 18:03:59 | 000,001,906 | ---- | C] () -- C:\Users\HBG\Desktop\Amazon.lnk
[2013.03.08 18:03:59 | 000,001,904 | ---- | C] () -- C:\Users\HBG\Desktop\WEB.DE.lnk
[2013.02.19 14:37:24 | 000,002,151 | ---- | C] () -- C:\Users\HBG\.recently-used.xbel
[2013.02.12 00:51:54 | 000,042,214 | ---- | C] () -- C:\Users\HBG\20130209_165604.jpg
[2013.01.15 18:49:48 | 000,014,172 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012.12.15 01:13:20 | 000,158,664 | ---- | C] () -- C:\Users\HBG\Huaweiregcleaner.exe
[2012.12.15 01:13:20 | 000,079,436 | ---- | C] () -- C:\Users\HBG\billing_sms.wav
[2012.12.15 01:13:20 | 000,007,994 | ---- | C] () -- C:\Users\HBG\Responses.xml
[2012.12.15 01:13:20 | 000,002,815 | ---- | C] () -- C:\Users\HBG\network_wifi_disconnect.html
[2012.12.15 01:13:20 | 000,002,750 | ---- | C] () -- C:\Users\HBG\network.html
[2012.12.15 01:13:20 | 000,002,026 | ---- | C] () -- C:\Users\HBG\network_available.html
[2012.12.15 01:13:20 | 000,002,024 | ---- | C] () -- C:\Users\HBG\3Gnetwork_available.html
[2012.12.15 01:13:20 | 000,001,887 | ---- | C] () -- C:\Users\HBG\threshold_cut.html
[2012.12.15 01:13:20 | 000,001,834 | ---- | C] () -- C:\Users\HBG\general_sms.html
[2012.12.15 01:13:20 | 000,001,670 | ---- | C] () -- C:\Users\HBG\error.xml
[2012.12.15 01:13:20 | 000,001,490 | ---- | C] () -- C:\Users\HBG\WAPConfig.xml
[2012.12.15 01:13:20 | 000,001,205 | ---- | C] () -- C:\Users\HBG\info.html
[2012.12.15 01:13:20 | 000,001,201 | ---- | C] () -- C:\Users\HBG\error.html
[2012.12.15 01:13:20 | 000,001,153 | ---- | C] () -- C:\Users\HBG\ads.html
[2012.12.15 01:13:20 | 000,001,124 | ---- | C] () -- C:\Users\HBG\threshold.html
[2012.12.15 01:13:20 | 000,001,122 | ---- | C] () -- C:\Users\HBG\billing_sms.html
[2012.12.15 01:13:20 | 000,001,086 | ---- | C] () -- C:\Users\HBG\plain.html
[2012.12.15 01:13:20 | 000,001,074 | ---- | C] () -- C:\Users\HBG\brand_sms.html
[2012.12.15 01:13:20 | 000,000,983 | ---- | C] () -- C:\Users\HBG\img_ads.html
[2012.12.15 01:13:20 | 000,000,809 | ---- | C] () -- C:\Users\HBG\configMedion.ini
[2012.12.15 01:13:20 | 000,000,038 | ---- | C] () -- C:\Users\HBG\runOnConnect.ini
[2012.12.15 01:13:17 | 000,510,920 | ---- | C] () -- C:\Users\HBG\ALDITALKVerbindungsassistent_Launcher.exe
[2012.12.15 01:13:17 | 000,342,984 | ---- | C] () -- C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe
[2012.12.15 01:13:17 | 000,281,544 | ---- | C] () -- C:\Users\HBG\OSU.exe
[2012.12.15 01:13:17 | 000,074,884 | ---- | C] () -- C:\Users\HBG\Images_Medion_Asst.xml
[2012.12.15 01:13:17 | 000,038,190 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Asst_0007.xml
[2012.12.15 01:13:17 | 000,027,353 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Asst_0007.xml
[2012.12.15 01:13:17 | 000,018,939 | ---- | C] () -- C:\Users\HBG\Help_Medion_0007.chm
[2012.12.15 01:13:17 | 000,009,288 | ---- | C] () -- C:\Users\HBG\Controls_Medion_SMSMMS_0007.xml
[2012.12.15 01:13:17 | 000,008,734 | ---- | C] () -- C:\Users\HBG\Images_Medion_Upgrader.xml
[2012.12.15 01:13:17 | 000,008,376 | ---- | C] () -- C:\Users\HBG\Images_Medion_SMSMMS.xml
[2012.12.15 01:13:17 | 000,007,342 | ---- | C] () -- C:\Users\HBG\Images_Medion_Uninstaller.xml
[2012.12.15 01:13:17 | 000,006,471 | ---- | C] () -- C:\Users\HBG\Strings_Medion_SMSMMS_0007.xml
[2012.12.15 01:13:17 | 000,006,149 | ---- | C] () -- C:\Users\HBG\Eula_Medion_0007.htm
[2012.12.15 01:13:17 | 000,006,069 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Upgrader_0007.xml
[2012.12.15 01:13:17 | 000,005,190 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Address_0007.xml
[2012.12.15 01:13:17 | 000,002,679 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Address_0007.xml
[2012.12.15 01:13:17 | 000,002,568 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Uninstaller_0007.xml
[2012.12.15 01:13:17 | 000,002,486 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Upgrader_0007.xml
[2012.12.15 01:13:17 | 000,002,037 | ---- | C] () -- C:\Users\HBG\Offers_Medion_0007.xml
[2012.12.15 01:13:17 | 000,001,718 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Uninstaller_0007.xml
[2012.12.15 01:13:17 | 000,000,282 | ---- | C] () -- C:\Users\HBG\Images_Medion_Address.xml
[2012.12.15 01:13:16 | 001,633,224 | ---- | C] () -- C:\Users\HBG\ALDITALKVerbindungsassistent.exe
[2012.12.15 01:13:16 | 001,097,728 | ---- | C] () -- C:\Users\HBG\NDISAPI.dll
[2012.12.15 01:13:16 | 000,606,208 | ---- | C] () -- C:\Users\HBG\WTGXMLUtil.dll
[2012.12.15 01:13:16 | 000,043,976 | ---- | C] () -- C:\Users\HBG\InstallWTGService.exe
[2012.12.15 01:13:16 | 000,001,817 | ---- | C] () -- C:\Users\HBG\config.ini
[2012.12.15 01:13:16 | 000,001,597 | ---- | C] () -- C:\Users\HBG\KD.xml
[2012.12.15 01:13:16 | 000,000,991 | ---- | C] () -- C:\Users\HBG\bn.xml
[2012.12.15 01:13:15 | 000,294,912 | ---- | C] () -- C:\Users\HBG\WTGSMSPCClient.dll
[2012.12.15 01:13:15 | 000,204,800 | ---- | C] () -- C:\Users\HBG\LiveBoxCM.dll
[2012.12.15 01:13:15 | 000,126,976 | ---- | C] () -- C:\Users\HBG\WtgWiFi.dll
[2012.12.15 01:13:14 | 000,883,656 | ---- | C] () -- C:\Users\HBG\Setup.exe
[2012.12.15 01:13:14 | 000,823,296 | ---- | C] () -- C:\Users\HBG\libeay32.dll
[2012.12.15 01:13:14 | 000,094,274 | ---- | C] () -- C:\Users\HBG\WtgZip.dll
[2012.12.15 01:13:13 | 004,392,468 | ---- | C] () -- C:\Users\HBG\webtogodb.wdb
[2012.12.15 01:13:13 | 000,244,680 | ---- | C] () -- C:\Users\HBG\WTGVistaUtil.exe
[2012.12.15 01:13:13 | 000,106,496 | ---- | C] () -- C:\Users\HBG\WtgUtil.dll
[2012.12.15 01:13:13 | 000,090,112 | ---- | C] () -- C:\Users\HBG\WtgPorts.dll
[2012.12.15 01:13:13 | 000,069,632 | ---- | C] () -- C:\Users\HBG\WTGMMSPCClient.dll
[2012.12.15 01:13:13 | 000,012,288 | ---- | C] () -- C:\Users\HBG\WTGDebugs.dll
[2012.12.15 01:13:12 | 000,565,248 | ---- | C] () -- C:\Users\HBG\WtgCore.dll
[2012.12.15 01:13:12 | 000,306,120 | ---- | C] () -- C:\Users\HBG\Uninstaller.exe
[2012.12.15 01:13:12 | 000,196,608 | ---- | C] () -- C:\Users\HBG\WtgDetection.dll
[2012.12.15 01:13:12 | 000,139,264 | ---- | C] () -- C:\Users\HBG\WtgBluetooth.dll
[2012.12.15 01:13:12 | 000,102,400 | ---- | C] () -- C:\Users\HBG\WtgDatabase.dll
[2012.12.15 01:13:12 | 000,086,016 | ---- | C] () -- C:\Users\HBG\WtgDialup.dll
[2012.12.15 01:13:12 | 000,073,728 | ---- | C] () -- C:\Users\HBG\WtgDriverInstall.dll
[2012.12.15 01:13:12 | 000,012,800 | ---- | C] () -- C:\Users\HBG\WtgDriverInstallX.dll
[2012.10.25 18:28:24 | 000,009,322 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (Windows).EML
[2012.03.07 14:43:06 | 000,021,857 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2011.12.09 21:36:04 | 000,000,045 | RH-- | C] () -- C:\Windows\PAWSETUP.INI
[2011.12.09 21:35:12 | 000,000,306 | ---- | C] () -- C:\Windows\HD.INI
[2011.12.08 13:44:05 | 000,048,690 | ---- | C] () -- C:\Users\HBG\P081211_12.42.jpg
[2011.12.08 13:43:51 | 001,146,711 | ---- | C] () -- C:\Users\HBG\P081211_12.41.jpg
[2011.10.04 23:36:34 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2011.10.03 11:10:21 | 000,027,456 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll
[2011.10.03 11:10:21 | 000,018,752 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll
[2011.08.06 11:31:29 | 000,068,640 | ---- | C] () -- C:\Windows\unTMV.exe
[2011.07.13 14:27:07 | 000,004,096 | -H-- | C] () -- C:\Users\HBG\AppData\Local\keyfile3.drm
[2011.06.08 15:28:50 | 000,017,408 | ---- | C] () -- C:\Users\HBG\AppData\Local\WebpageIcons.db
[2011.06.08 15:23:54 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011.06.08 15:23:54 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011.06.01 18:40:28 | 000,012,968 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2011.06.01 09:09:12 | 000,000,091 | ---- | C] () -- C:\Users\HBG\AppData\Local\fusioncache.dat
[2011.05.31 21:49:18 | 000,000,310 | ---- | C] () -- C:\Windows\ContWin.ini
[2011.05.31 13:58:16 | 000,038,746 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\B8E4.9CB
[2011.05.13 13:06:01 | 000,000,321 | ---- | C] () -- C:\Windows\devk.ini
[2011.05.13 13:06:01 | 000,000,210 | ---- | C] () -- C:\Windows\easap1.ini
[2011.01.28 17:24:04 | 000,012,629 | -H-- | C] () -- C:\Users\HBG\jpeggeri.dat
[2011.01.26 18:08:58 | 000,015,499 | -H-- | C] () -- C:\Users\HBG\ZbThumbnail.info
[2011.01.26 17:58:23 | 001,391,293 | ---- | C] () -- C:\Users\HBG\IMG_0681.JPG
[2011.01.26 17:58:23 | 001,181,975 | ---- | C] () -- C:\Users\HBG\IMG_0682.JPG
[2011.01.26 17:58:23 | 001,152,731 | ---- | C] () -- C:\Users\HBG\IMG_0683.JPG
[2010.06.10 19:00:00 | 000,000,680 | ---- | C] () -- C:\Users\HBG\AppData\Local\d3d9caps.dat
[2010.04.10 21:32:13 | 000,011,264 | ---- | C] () -- C:\Users\HBG\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.28 11:08:08 | 000,000,008 | RH-- | C] () -- C:\Users\HBG\hwid
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 304 bytes -> C:\Users\HBG\Documents\Medion-TV2.jpg:Updt_SummaryInformation
@Alternate Data Stream - 143 bytes -> C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (Windows).EML:OECustomProperty

< End of report >

OLT(Extras)

Code:

ATTFilter

OTL Extras logfile created on: 02.04.2013 11:52:44 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\HBG\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,37% Memory free
4,22 Gb Paging File | 3,02 Gb Available in Paging File | 71,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 89,43 Gb Total Space | 7,85 Gb Free Space | 8,78% Space Free | Partition Type: NTFS
Drive D: | 52,78 Gb Total Space | 39,44 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
 
Computer Name: HBG-MOBIL | User Name: HBG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-3573208741-2431200081-520062559-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01513A85-E8DD-458F-AC72-63F7281F2189}" = rport=138 | protocol=17 | dir=out | app=system | 
"{1D8FD333-553A-42E8-8FCE-124C3B61663F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{378F7C68-51CE-4961-A7AD-5D57616E818F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{433467EA-467D-40D4-B400-B1A970730F73}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4342396A-462E-45EC-82C1-6F333CDB5B75}" = lport=139 | protocol=6 | dir=in | app=system | 
"{5119343E-65E3-498D-8E5D-14AADBBA48FB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{712B8499-9D4A-489D-8126-945C59B01116}" = rport=137 | protocol=17 | dir=out | app=system | 
"{82E6A419-BB29-4BD1-B51A-1BBD35396606}" = rport=445 | protocol=6 | dir=out | app=system | 
"{85C78582-2889-4E7B-997B-DE39FD7FADF0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{AE4261CE-7636-4EA4-9597-E02BD94D1687}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B9ADF46D-4C55-4D85-A201-5314EA4479D3}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0590DC1C-918E-4F65-8434-B002486B2C3D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{1F39CDDD-D025-40F8-B9C4-4DF74D533E74}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{200A6E49-52C0-462A-BE6A-574887FA07D8}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{59365D50-2493-4362-8CDC-18D1187BABD2}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | 
"{674030D8-AD9B-4E64-A855-0E874010B375}" = protocol=6 | dir=in | app=c:\program files\common files\acronis\syncagent\syncagentsrv.exe | 
"{89CC9036-D590-4652-B5E0-32187A5F224D}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{8DA5AF83-0F49-4AB6-AC3A-37A60775C6F4}" = protocol=17 | dir=in | app=c:\program files\common files\acronis\syncagent\syncagentsrv.exe | 
"{9E394333-70C1-495A-8B78-3EABA43B6595}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B77DF88C-E1B9-440C-BB24-CE9A5CCC04D2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{BF1DEA35-A898-410C-A61E-9F6469C6A69A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C0BF15AC-4D24-4564-9335-7ABB6EBE8235}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{FEAC4E17-EDCE-425D-963C-AE1588B7133A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | 
"TCP Query User{7AFA474C-8C69-4900-82D8-9AF20892D301}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{866E9C44-C2D7-42A2-BDDE-710C841CF19F}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{C4BC01DA-BE92-47D3-9000-26E7AC42577F}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{52344B49-58DA-428A-89CF-283CFE935ED3}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{7FD3F095-94DD-4F82-9D29-7CCF10C902A7}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{91C2B51C-B405-4C18-A6AF-29A99A161E96}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{054A5F46-6DCE-4D09-8BC0-170428A4ED56}" = Acronis*True*Image*Home 2012
"{054A5F46-6DCE-4D09-8BC0-170428A4ED56}Visible" = Acronis*True*Image*Home 2012
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2E60CEFA-92EE-4C4A-8EE6-0B8866C3F86A}" = WORD EXPLORER 2.0
"{2FC09AE8-6FCC-4598-9511-F498A64F4490}" = N-D
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{396905A5-84AB-4173-AB85-5ED843D30FB8}" = MAGIX Speed burnR (MSI)
"{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5616B6-A323-4378-B78C-B8F1C8230C17}" = MAGIX Screenshare
"{56BFAA6E-2BCC-4AED-9233-84731E66B205}" = Solid Converter PDF
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73182AC3-5CC3-4161-AE97-F23E09B13147}" = Vallen JPegger
"{746398D1-22E2-413C-BF45-C0FE6A7A669A}" = SnapAPI
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C605FFA-E482-467D-BE5E-B70095689541}" = MAGIX Fotos auf DVD MX
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OUTLOOKR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_OUTLOOKR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OUTLOOKR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OUTLOOKR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_OUTLOOKR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_OUTLOOKR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2007
"{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{97F32DF8-D66E-446A-A425-C1D7B45C1033}" = Nero 7 Essentials
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = Asus MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{AEB61F7A-4BBA-4292-A096-7893E09034A4}" = Steuer-Spar-Erklärung 2013
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BD136CE7-6666-4273-A056-8D92F8625AAB}" = Sun ODF Plugin for Microsoft Office 3.2
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C7B8E06E-EBBC-4210-93AB-DFC8760E3FC9}" = Works Suite-Betriebssystem-Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}" = Steuer-Spar-Erklärung 2012
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Foto Premium 9
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE MailCheck für Internet Explorer
"3 WiFi Manager" = 3 WiFi Manager
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"ALDITALKVerbindungsassistent" = ALDI TALK Verbindungsassistent
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon iP4600 series Benutzerregistrierung" = Canon iP4600 series Benutzerregistrierung
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"ClocX" = ClocX (1.4)
"EAS" = EAS
"ElsterFormular" = ElsterFormular
"Google Chrome" = Google Chrome
"Hardcopy(C__Program Files_Hardcopy)" = Hardcopy (C:\Program Files\Hardcopy)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2E60CEFA-92EE-4C4A-8EE6-0B8866C3F86A}" = Word Explorer 2.0
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"IrfanView" = IrfanView (remove only)
"MAGIX_MSI_Fotos_auf_CD_DVD_MX" = MAGIX Fotos auf DVD MX
"MAGIX_MSI_PCVisit" = MAGIX Screenshare
"MAGIX_MSI_Speed3_burnR_mxcdr_MSI" = MAGIX Speed burnR (MSI)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera" = Canon Utilities MyCamera
"OUTLOOKR" = Microsoft Office Outlook 2007
"Pdf995" = Pdf995
"PhotoStitch" = Canon Utilities PhotoStitch
"PictureIt_v9" = Microsoft Picture It! Foto Premium 9
"PROHYBRIDR" = 2007 Microsoft Office system
"Recuva" = Recuva
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 5" = TeamViewer 5
"Trader Workstation 4.0" = Trader Workstation 4.0
"TVgenial" = TVgenial 4.10
"VLC media player" = VLC media player 1.1.0
"WinGimp-2.0_is1" = GIMP 2.6.11
"Works2004Setup" = Setup-Start von Microsoft Works 2004
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3573208741-2431200081-520062559-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"Trader Workstation" = Trader Workstation
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.04.2013 05:37:25 | Computer Name = HBG-Mobil | Source = SDWinSec.exe | ID = 0
Description = 
 
[ OSession Events ]
Error - 03.04.2010 06:25:02 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 54386
 seconds with 660 seconds of active time.  This session ended with a crash.
 
Error - 10.11.2010 13:16:02 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5974
 seconds with 240 seconds of active time.  This session ended with a crash.
 
Error - 02.04.2011 05:02:11 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 6732
 seconds with 3960 seconds of active time.  This session ended with a crash.
 
Error - 29.06.2011 04:11:35 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 43
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 02.05.2012 13:52:31 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 37990
 seconds with 7020 seconds of active time.  This session ended with a crash.
 
Error - 17.06.2012 14:28:44 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 38
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 08.11.2012 13:41:47 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 548
 seconds with 240 seconds of active time.  This session ended with a crash.
 
Error - 09.11.2012 09:36:51 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1054
 seconds with 900 seconds of active time.  This session ended with a crash.
 
Error - 22.01.2013 08:52:04 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 133
 seconds with 60 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 02.04.2013 05:10:03 | Computer Name = HBG-Mobil | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2013 05:20:26 | Computer Name = HBG-Mobil | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2013 05:37:10 | Computer Name = HBG-Mobil | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

hrbg · 02.04.2013, 11:25

Hallo cosinus,

Dankefür die schnelle Reaktion.
Anbei die gewünschten Logs:

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.9 (04.01.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by HBG on 02.04.2013 at 10:58:47,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\apnupdater
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\bprotectordefaultscope 
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{00000000-6e41-4fd3-8538-502f5495e5fc} 
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{d4027c7f-154a-4066-a1ad-4243d8127440} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{d4027c7f-154a-4066-a1ad-4243d8127440} 



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Failed to delete: [Registry Key] hkey_current_user\software\datamngr
Failed to delete: [Registry Key] hkey_local_machine\software\datamngr
Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT1351351
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc} 
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440} 
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{d4027c7f-154a-4066-a1ad-4243d8127440} 
Successfully deleted: [Registry Key] "hkey_current_user\software\apn" 
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar" 
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0cfe535c35f99574e8340bfa75bf92c2" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0e12f736682067fde4d1158d5940a82e" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\120dfadeb50841f408f04d2a278f9509" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\1a24b5bb8521b03e0c8d908f5abc0ae6" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\261f213d1f55267499b1f87d0cc3bcf7" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\2b0d56c4f4c46d844a57ffed6f0d2852" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\49d4375fe41653242aea4c969e4e65e0" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6aa0923513360135b272e8289c5f13fa" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6f7467af8f29c134cbbab394eccfde96" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\741b4adf27276464790022c965ab6da8" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\7de196b10195f5647a2b21b761f3de01" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\922525dcc5199162f8935747ca3d8e59" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\9d4f5849367142e4685ed8c25e44c5ed" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a5875b04372c19545beb90d4d606c472" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a876d9e80b896ec44a8620248cc79296" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\b66ffab725b92594c986de826a867888" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\bcda179d619b91648538e3394cac94cc" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\d677b1a9671d4d4004f6f2a4469e86ea" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\dd1402a9dd4215a43abde169a41afa0e" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\e36e114a0ead2ad46b381d23ad69cddf" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\ef8e618db3aedfbb384561b5c548f65e" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\a28b4d68debaa244eb686953b7074fef" 
Failed to delete: [Registry Key] "hkey_local_machine\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\scheduled update for ask toolbar" 



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\HBG\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Users\HBG\appdata\locallow\asktoolbar" 
Successfully deleted: [Folder] "C:\Program Files\ask.com" 
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}" 



~~~ FireFox

Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\yp55qh8v.default\user.js
Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\user.js
Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\yp55qh8v.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\yp55qh8v.default\searchplugins\conduit.xml
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com"
Successfully deleted: [Folder] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\smartbar
Successfully deleted: [Folder] C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\extensions\toolbar@ask.com
Successfully deleted the following from C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\yp55qh8v.default\prefs.js

user_pref("browser.search.selectedEngine", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=MGX&o=15359&locale=de_DE&apn_uid=1F133E18-9A44-485B-A608-A3972477F9B8&apn_ptnrs=JQ&apn_sauid=BA
user_pref("extensions.asktb.ff-original-keyword-url", "");
Successfully deleted the following from C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\prefs.js

user_pref("CT3241949.1000082.isDisplayHidden", "true");
user_pref("CT3241949.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
user_pref("CT3241949.1000234.TWC_TMP_city", "BONN");
user_pref("CT3241949.1000234.TWC_TMP_country", "DE");
user_pref("CT3241949.1000234.TWC_locId", "GMXX0010");
user_pref("CT3241949.1000234.TWC_location", "Bonn, The Gambia");
user_pref("CT3241949.1000234.TWC_region", "DE");
user_pref("CT3241949.1000234.TWC_temp_dis", "c");
user_pref("CT3241949.1000234.TWC_wind_dis", "kmh");
user_pref("CT3241949.1000234.weatherData", "{\"icon\":\"33.png\",\"temperature\":\"3°C\",\"temperatureClear\":\"3°C\",\"highTemperature\":\"3°C\",\"lowTemperature\":\"-1°C
user_pref("CT3241949.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.FirstTime", "true");
user_pref("CT3241949.FirstTimeFF3", "true");
user_pref("CT3241949.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3241949&SearchSource=2&q=");
user_pref("CT3241949.UserID", "UN00546228509657926");
user_pref("CT3241949.browser.search.defaultthis.engineName", true);
user_pref("CT3241949.embeddedsData", "[{\"appId\":\"129887071061272563\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT3241949.enableAlerts", "always");
user_pref("CT3241949.event_data", "JTVCJTVE");
user_pref("CT3241949.fired_events", "AA==");
user_pref("CT3241949.firstTimeDialogOpened", "true");
user_pref("CT3241949.fixUrls", true);
user_pref("CT3241949.installType", "Unknown");
user_pref("CT3241949.isCheckedStartAsHidden", true);
user_pref("CT3241949.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.isFirstTimeToolbarLoading", "false");
user_pref("CT3241949.isPerformedSmartBarTransition", "true");
user_pref("CT3241949.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3241949.key_date", "Mjg=");
user_pref("CT3241949.keyword", true);
user_pref("CT3241949.migrateAppsAndComponents", true);
user_pref("CT3241949.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Ahome\",\"EB_MAIN_FRAME_TITLE\":\"Mozilla%20Firefox-Startseite\",\"EB_TOO
user_pref("CT3241949.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"BROWSER_COMPONENT\\\"]\"}");
user_pref("CT3241949.search.searchAppId", "129887071061272563");
user_pref("CT3241949.search.searchCount", "0");
user_pref("CT3241949.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3241949\"}");
user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FileConverter13.OurToolbar.com//xpi\"}");
user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"FileConverter 1.3\"}");
user_pref("CT3241949.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3241949.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1351445327417");
user_pref("CT3241949.serviceLayer_services_appsMetadata_lastUpdate", "1351445327207");
user_pref("CT3241949.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1351445328499");
user_pref("CT3241949.serviceLayer_services_menu_769c590835a76d075fe33b9a87a87786_lastUpdate", "1351445328223");
user_pref("CT3241949.serviceLayer_services_menu_d32f45618f5a02bd965c56155a643855_lastUpdate", "1351445327498");
user_pref("CT3241949.serviceLayer_services_optimizer_lastUpdate", "1351445328213");
user_pref("CT3241949.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1351445336517");
user_pref("CT3241949.serviceLayer_services_searchAPI_lastUpdate", "1351445326227");
user_pref("CT3241949.serviceLayer_services_serviceMap_lastUpdate", "1351445325741");
user_pref("CT3241949.serviceLayer_services_toolbarContextMenu_lastUpdate", "1351445336383");
user_pref("CT3241949.serviceLayer_services_toolbarSettings_lastUpdate", "1351445325946");
user_pref("CT3241949.serviceLayer_services_translation_lastUpdate", "1351445327258");
user_pref("CT3241949.settingsINI", true);
user_pref("CT3241949.smartbar.CTID", "CT3241949");
user_pref("CT3241949.smartbar.Uninstall", "0");
user_pref("CT3241949.smartbar.homepage", true);
user_pref("CT3241949.smartbar.toolbarName", "FileConverter 1.3 ");
user_pref("CT3241949_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1351445324473,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3241949&SearchSource=13");
user_pref("Smartbar.ConduitSearchEngineList", "FileConverter 1.3 Customized Web Search");
user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3241949&SearchSource=2&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3241949");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3241949&SearchSource=13");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.id", "fa94a7ac0000000000000015af393853");
user_pref("extensions.BabylonToolbar.instlDay", "15641");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=fa94a7ac0000000000000015af393853&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.818:51:34");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3241949&SearchSource=2&q=");
Emptied folder: C:\Users\HBG\AppData\Roaming\mozilla\firefox\profiles\th4710u9.default-1343061943453\minidumps [204 files]



~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\pgafcinpmmpklohkojmllohdhomoefph



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.04.2013 at 11:03:27,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adwCleaner

Code:

ATTFilter

# AdwCleaner v2.115 - Datei am 02/04/2013 um 11:17:58 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : HBG - HBG-MOBIL
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\HBG\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\th4710u9.default-1343061943453\bprotector_prefs.js
Datei Gelöscht : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\th4710u9.default-1343061943453\searchplugins\fileconverter-13-customized-web-search.xml
Datei Gelöscht : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\yp55qh8v.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\HBG\Desktop\eBay.lnk
Ordner Gelöscht : C:\Users\Internet\AppData\LocalLow\AskToolbar

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\d57d7dde53bbd12
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\d57d7dde53bbd12
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\th4710u9.default-1343061943453\prefs.js

Gelöscht : user_pref("CT3241949.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Gelöscht : user_pref("CT3241949.1000234.weatherData", "{\"icon\":\"33.png\",\"temperature\":\"3°C\",\"temperatu[...]
Gelöscht : user_pref("CT3241949.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gelöscht : user_pref("CT3241949.embeddedsData", "[{\"appId\":\"129887071061272563\",\"apiPermissions\":{\"cross[...]
Gelöscht : user_pref("CT3241949.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gelöscht : user_pref("CT3241949.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Gelöscht : user_pref("CT3241949.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"BROWSER_COMPONENT\\\"][...]
Gelöscht : user_pref("CT3241949.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gelöscht : user_pref("CT3241949_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]

Datei : C:\Users\HBG\AppData\Roaming\Mozilla\Firefox\Profiles\yp55qh8v.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\558fhuvq.default\prefs.js

Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=MGX&o=15359&locale=d[...]
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v26.0.1410.43

Datei : C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.1294] : homepage = "hxxp://search.babylon.com/?affID=109958&tt=4312_7&babsrc=HP_ss&mntrId=fa94a7ac000000[...]
Gelöscht [l.1458] : urls_to_restore_on_startup ="session": {"restore_on_startup": 4,  [ "hxxp://search.babylon.com/?[...]

*************************

AdwCleaner[S1].txt - [341 octets] - [02/04/2013 11:17:14]
AdwCleaner[S2].txt - [6611 octets] - [02/04/2013 11:17:58]

########## EOF - C:\AdwCleaner[S2].txt - [6671 octets] ##########

OTL (OLT)

Code:

ATTFilter

OTL logfile created on: 02.04.2013 11:52:44 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\HBG\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,37% Memory free
4,22 Gb Paging File | 3,02 Gb Available in Paging File | 71,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 89,43 Gb Total Space | 7,85 Gb Free Space | 8,78% Space Free | Partition Type: NTFS
Drive D: | 52,78 Gb Total Space | 39,44 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
 
Computer Name: HBG-MOBIL | User Name: HBG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\HBG\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\HBG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Windows\Installer\MSIB24E.tmp (Solid Documents, LLC)
PRC - C:\Users\HBG\ALDITALKVerbindungsassistent_Launcher.exe ()
PRC - C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe ()
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\Net4Switch\Net4Switch.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Acronis\TrueImageHome\Common\ti_managers.dll ()
MOD - C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ()
MOD - C:\Users\HBG\ALDITALKVerbindungsassistent_Launcher.exe ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswui.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipsw_cfgmgr.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswsysmon.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswresmgr.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswcore.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\iphelper.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswhlp.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswds.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\cxcmrt.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswgblset.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ipswobj.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\LogonStartup.dll ()
MOD - C:\Program Files\ASUS\Net4Switch\ResItf.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (SymAppCore) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe File not found
SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (ISPwdSvc) -- C:\Program Files\Norton Internet Security\isPwdSvc.exe File not found
SRV - (comHost) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (afcdpsrv) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (syncagentsrv) -- C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (SCPDFReadSpool) -- C:\Windows\Installer\MSIB24E.tmp (Solid Documents, LLC)
SRV - (ALDITALKVerbindungsassistent_Service) -- C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe ()
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (AAV UpdateService) -- C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (InCDsrv) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (Nero AG)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (ipswuio) -- System32\DRIVERS\ipswuio.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (hwusbfake) -- system32\DRIVERS\ewusbfake.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (rt2870) -- C:\Windows\System32\drivers\rt2870.sys (Ralink Technology, Corp.)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman) -- C:\Windows\System32\drivers\tdrpman.sys (Acronis)
DRV - (timounter) -- C:\Windows\System32\drivers\timntr.sys (Acronis)
DRV - (vididr) -- C:\Windows\System32\drivers\vididr.sys (Acronis)
DRV - (vidsflt67) -- C:\Windows\System32\drivers\vsflt67.sys (Acronis)
DRV - (snapman) -- C:\Windows\System32\drivers\snapman.sys (Acronis)
DRV - (fltsrv) -- C:\Windows\System32\drivers\fltsrv.sys (Acronis)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (incdrm) -- C:\Windows\System32\drivers\InCDRm.sys (Nero AG)
DRV - (InCDrec) -- C:\Windows\System32\drivers\InCDrec.sys (Nero AG)
DRV - (InCDPass) -- C:\Windows\System32\drivers\InCDPass.sys (Nero AG)
DRV - (InCDfs) -- C:\Windows\System32\drivers\InCDfs.sys (Nero AG)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (SYMTDI) -- C:\Windows\System32\drivers\symtdi.sys (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\drivers\symredrv.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVENG.SYS (Symantec Corporation)
DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20061025.029\IDSvix86.sys (Symantec Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\HBG\Documents
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/tb/ie_startpage
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{1F03280F-5D22-4C49-8AC1-48F7928C4988}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=MGX&o=15359&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=JQ&apn_dtid=YYYYYYYYDE&apn_uid=1F133E18-9A44-485B-A608-A3972477F9B8&apn_sauid=BAC84ABF-A12A-4184-A87E-48C15560DDB8
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{424E1B9E-FD14-4112-A912-CA8330CF5A86}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{8990CAE6-534B-402C-92B8-80EB5E51F484}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{8B3AB5A0-D576-44AF-8753-1B6515CE9F60}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\SearchScopes\{C61671AD-48CD-4BDD-B37B-77D7DA791967}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49354
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.10.31 16:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.10.31 16:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.10.31 16:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 10:32:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.08 10:31:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 10:32:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.08 10:31:58 | 000,000,000 | ---D | M]
 
[2010.03.26 20:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HBG\AppData\Roaming\mozilla\Extensions
[2013.04.02 11:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HBG\AppData\Roaming\mozilla\Firefox\Profiles\th4710u9.default-1343061943453\extensions
[2011.12.28 12:39:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HBG\AppData\Roaming\mozilla\Firefox\Profiles\yp55qh8v.default\extensions
[2013.04.02 11:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013.03.08 10:31:50 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\mozilla firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2013.03.08 10:31:51 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak2
[2013.03.08 10:32:14 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.23 12:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2013.01.19 14:11:59 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.19 14:11:59 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.01.19 14:11:59 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.19 14:11:59 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.19 14:11:59 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.19 14:11:59 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.6 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: YouTube = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Google Mail = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\HBG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000..\Run: [Spotify Web Helper] C:\Users\HBG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\HBG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Run Context - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O8 - Extra context menu item: Run Word Explorer - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O9 - Extra Button: Run Word Explorer - {26231800-6CE9-43d8-9357-5B4DC8CF4561} - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O9 - Extra 'Tools' menuitem : Run Word Explorer - {26231800-6CE9-43d8-9357-5B4DC8CF4561} - C:\Program Files\Informatic\Word Explorer 2.0\cnie5.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33C356C5-CCE1-4246-BE34-213C78FA0A21}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F952BDE-BBE5-44EB-9339-036F116C8410}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3573208741-2431200081-520062559-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{07f0cb47-d153-11df-b568-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{07f0cb47-d153-11df-b568-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0f5af784-83bf-11df-8c66-ebd6765066d3}\Shell - "" = AutoRun
O33 - MountPoints2\{0f5af784-83bf-11df-8c66-ebd6765066d3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0f5af789-83bf-11df-8c66-ebd6765066d3}\Shell - "" = AutoRun
O33 - MountPoints2\{0f5af789-83bf-11df-8c66-ebd6765066d3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{17e7ea36-abab-11df-95a9-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7ea36-abab-11df-95a9-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{17e7ea38-abab-11df-95a9-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7ea38-abab-11df-95a9-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2433ca01-1b2f-11e1-b7ea-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{2433ca01-1b2f-11e1-b7ea-001d60a340fb}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\index.html
O33 - MountPoints2\{2545fd65-39e7-11df-9983-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{2545fd65-39e7-11df-9983-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2545fd86-39e7-11df-9983-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{2545fd86-39e7-11df-9983-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3af65f3c-6da7-11e1-8a01-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{3af65f3c-6da7-11e1-8a01-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3af65f6a-6da7-11e1-8a01-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{3af65f6a-6da7-11e1-8a01-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{415399cd-4641-11e2-a144-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{415399cd-4641-11e2-a144-001d60a340fb}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{4434fc81-3df6-11df-8ca1-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4434fc81-3df6-11df-8ca1-001d60a340fb}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4434fc83-3df6-11df-8ca1-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4434fc83-3df6-11df-8ca1-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4434fd27-3df6-11df-8ca1-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4434fd27-3df6-11df-8ca1-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4e98ae26-8d11-11e0-9d9d-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4e98ae26-8d11-11e0-9d9d-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4e98ae29-8d11-11e0-9d9d-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{4e98ae29-8d11-11e0-9d9d-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{59f07131-65e4-11e1-8f98-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{59f07131-65e4-11e1-8f98-001e101f8924}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d1fcbe0-7fbd-11e1-9b14-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{6d1fcbe0-7fbd-11e1-9b14-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{780cc5fe-3606-11e1-a299-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{780cc5fe-3606-11e1-a299-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{780cc613-3606-11e1-a299-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{780cc613-3606-11e1-a299-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{7a3f1380-45d0-11e2-a4f8-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{7a3f1380-45d0-11e2-a4f8-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7ca3d0e8-458c-11df-8363-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{7ca3d0e8-458c-11df-8363-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8ddcb8f0-6a2b-11e1-9426-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{8ddcb8f0-6a2b-11e1-9426-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbd9f2-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbd9f2-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbda21-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda21-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbda25-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda25-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{92dbda32-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda32-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{92dbda33-363d-11e1-b68c-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{92dbda33-363d-11e1-b68c-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9d7bb166-a895-11e1-b9f3-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{9d7bb166-a895-11e1-b9f3-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b478a478-51bc-11e1-85e2-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{b478a478-51bc-11e1-85e2-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b7ca19cb-69f6-11e1-ac62-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{b7ca19cb-69f6-11e1-ac62-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d0f4e335-3c94-11df-9ca7-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{d0f4e335-3c94-11df-9ca7-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d0f4e3ad-3c94-11df-9ca7-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{d0f4e3ad-3c94-11df-9ca7-001d60a340fb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e6a0422c-514a-11df-ad24-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{e6a0422c-514a-11df-ad24-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f17ccf21-4689-11e2-b672-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{f17ccf21-4689-11e2-b672-001d60a340fb}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{f17ccf60-4689-11e2-b672-001e101f2b52}\Shell - "" = AutoRun
O33 - MountPoints2\{f17ccf60-4689-11e2-b672-001e101f2b52}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{fa6d3f02-f33c-11e1-8ff6-001d60a340fb}\Shell - "" = AutoRun
O33 - MountPoints2\{fa6d3f02-f33c-11e1-8ff6-001d60a340fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fd427367-6374-11e1-aeda-001e101f21c1}\Shell - "" = AutoRun
O33 - MountPoints2\{fd427367-6374-11e1-aeda-001e101f21c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.02 10:58:34 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.02 10:57:41 | 000,000,000 | ---D | C] -- C:\JRT
[2013.03.22 23:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.16 15:20:45 | 000,000,000 | ---D | C] -- C:\Users\HBG\Documents\Bianka
[2013.03.15 11:21:29 | 000,000,000 | ---D | C] -- C:\Users\HBG\Documents\PAYBACK_gUTSCHEIN-bis1204-Dateien
[2013.03.14 10:18:21 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.03.14 10:18:18 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.03.14 10:18:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.03.14 10:18:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.14 10:18:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.03.14 10:18:16 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.03.14 10:18:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.14 10:18:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.13 12:43:53 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.03.10 18:44:24 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.10 18:43:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.10 18:43:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.10 18:43:35 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.08 19:37:02 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Local\Spotify
[2013.03.08 19:31:58 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Roaming\Spotify
[2013.03.08 18:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb
[2013.03.08 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\1und1Softwareaktualisierung
[2013.03.08 18:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck
[2013.03.08 18:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\1&1 Mail & Media GmbH
[2013.03.08 18:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\WEB.DE MailCheck
[2013.03.08 17:56:55 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Local\Apps
[2013.03.08 17:56:54 | 000,000,000 | ---D | C] -- C:\Users\HBG\AppData\Local\Deployment
[2013.03.08 10:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.03.05 11:48:49 | 000,000,000 | ---D | C] -- C:\Users\HBG\Documents\HausFrechenAnDerVogtei48
[2012.12.15 01:13:17 | 000,535,496 | ---- | C] (WebToGo Mobiles Internet GmbH) -- C:\Users\HBG\ALDITALKVerbindungsassistent_SMSMMS.exe
[2012.12.15 01:13:16 | 000,495,616 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGAlerts.dll
[2012.12.15 01:13:16 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcp60.dll
[2012.12.15 01:13:16 | 000,286,773 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcrt.dll
[2012.12.15 01:13:16 | 000,237,568 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGSoapUtil.dll
[2012.12.15 01:13:16 | 000,233,472 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGHandOver.dll
[2012.12.15 01:13:16 | 000,208,896 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WTGHuaweiNDISUtil.dll
[2012.12.15 01:13:16 | 000,102,400 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Users\HBG\Del_CD_ROM.exe
[2012.12.15 01:13:15 | 000,925,696 | ---- | C] (WebToGo) -- C:\Users\HBG\WtgWiFiCore.dll
[2012.12.15 01:13:15 | 000,780,024 | ---- | C] (QUALCOMM, Inc.) -- C:\Users\HBG\QCWWAN2k.dll
[2012.12.15 01:13:15 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcr71.dll
[2012.12.15 01:13:15 | 000,090,112 | ---- | C] (TODO: <Company name>) -- C:\Users\HBG\WtgWiFiVista.dll
[2012.12.15 01:13:14 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfc80u.dll
[2012.12.15 01:13:14 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcr80.dll
[2012.12.15 01:13:14 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcp80.dll
[2012.12.15 01:13:14 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\msvcm80.dll
[2012.12.15 01:13:14 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfcm80.dll
[2012.12.15 01:13:14 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfcm80u.dll
[2012.12.15 01:13:13 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Users\HBG\mfc80.dll
[2012.12.15 01:13:13 | 000,057,344 | ---- | C] (WinAbility® Software Corporation) -- C:\Users\HBG\VistaLib32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.02 11:44:06 | 000,642,970 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.02 11:44:06 | 000,607,918 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.02 11:44:06 | 000,132,284 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.02 11:44:06 | 000,109,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.02 11:37:26 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.02 11:37:10 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.02 11:36:55 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.02 11:36:55 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.02 11:36:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.02 11:36:47 | 2138,365,952 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.02 11:35:49 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.04.02 11:33:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.01 18:22:00 | 000,000,224 | ---- | M] () -- C:\Windows\tasks\ARO 2012.job
[2013.04.01 11:36:15 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.31 16:09:46 | 000,094,320 | ---- | M] () -- C:\Users\HBG\Documents\StornoHotelHamburg.pdf
[2013.03.31 16:09:43 | 000,000,059 | ---- | M] () -- C:\Windows\wpd99.drv
[2013.03.27 13:46:54 | 000,241,610 | ---- | M] () -- C:\Users\HBG\Documents\Malwarebytes.pdf
[2013.03.26 12:11:53 | 000,000,000 | ---- | M] () -- C:\Users\HBG\defogger_reenable
[2013.03.18 20:35:14 | 000,045,312 | ---- | M] () -- C:\Users\HBG\Documents\BBK_2410_1_zusammenstellung_aufwendungen_20130319.pdf
[2013.03.16 18:20:00 | 000,306,313 | ---- | M] () -- C:\Users\HBG\Documents\Vorschlag.PDF
[2013.03.15 21:43:30 | 000,001,750 | ---- | M] () -- C:\Users\HBG\Desktop\Spotify.lnk
[2013.03.15 15:03:33 | 000,089,434 | ---- | M] () -- C:\Users\HBG\Documents\EVA_Terminanfrage_Filmdigitalisieren_Groupon.pdf
[2013.03.15 11:21:29 | 000,008,154 | ---- | M] () -- C:\Users\HBG\Documents\PAYBACK_gUTSCHEIN-bis1204.htm
[2013.03.13 17:37:48 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.13 17:37:48 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.10 18:43:18 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.10 18:43:17 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.10 18:43:17 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.10 18:43:16 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.03.10 18:43:16 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.03.10 18:43:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.08 18:03:59 | 000,001,906 | ---- | M] () -- C:\Users\HBG\Desktop\Amazon.lnk
[2013.03.08 18:03:59 | 000,001,904 | ---- | M] () -- C:\Users\HBG\Desktop\WEB.DE.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.31 16:09:41 | 000,094,320 | ---- | C] () -- C:\Users\HBG\Documents\StornoHotelHamburg.pdf
[2013.03.27 13:46:44 | 000,241,610 | ---- | C] () -- C:\Users\HBG\Documents\Malwarebytes.pdf
[2013.03.26 12:11:53 | 000,000,000 | ---- | C] () -- C:\Users\HBG\defogger_reenable
[2013.03.18 20:35:11 | 000,045,312 | ---- | C] () -- C:\Users\HBG\Documents\BBK_2410_1_zusammenstellung_aufwendungen_20130319.pdf
[2013.03.16 18:20:00 | 000,306,313 | ---- | C] () -- C:\Users\HBG\Documents\Vorschlag.PDF
[2013.03.15 15:03:30 | 000,089,434 | ---- | C] () -- C:\Users\HBG\Documents\EVA_Terminanfrage_Filmdigitalisieren_Groupon.pdf
[2013.03.15 11:21:27 | 000,008,154 | ---- | C] () -- C:\Users\HBG\Documents\PAYBACK_gUTSCHEIN-bis1204.htm
[2013.03.08 19:37:00 | 000,001,750 | ---- | C] () -- C:\Users\HBG\Desktop\Spotify.lnk
[2013.03.08 19:37:00 | 000,001,694 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013.03.08 18:03:59 | 000,001,906 | ---- | C] () -- C:\Users\HBG\Desktop\Amazon.lnk
[2013.03.08 18:03:59 | 000,001,904 | ---- | C] () -- C:\Users\HBG\Desktop\WEB.DE.lnk
[2013.02.19 14:37:24 | 000,002,151 | ---- | C] () -- C:\Users\HBG\.recently-used.xbel
[2013.02.12 00:51:54 | 000,042,214 | ---- | C] () -- C:\Users\HBG\20130209_165604.jpg
[2013.01.15 18:49:48 | 000,014,172 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012.12.15 01:13:20 | 000,158,664 | ---- | C] () -- C:\Users\HBG\Huaweiregcleaner.exe
[2012.12.15 01:13:20 | 000,079,436 | ---- | C] () -- C:\Users\HBG\billing_sms.wav
[2012.12.15 01:13:20 | 000,007,994 | ---- | C] () -- C:\Users\HBG\Responses.xml
[2012.12.15 01:13:20 | 000,002,815 | ---- | C] () -- C:\Users\HBG\network_wifi_disconnect.html
[2012.12.15 01:13:20 | 000,002,750 | ---- | C] () -- C:\Users\HBG\network.html
[2012.12.15 01:13:20 | 000,002,026 | ---- | C] () -- C:\Users\HBG\network_available.html
[2012.12.15 01:13:20 | 000,002,024 | ---- | C] () -- C:\Users\HBG\3Gnetwork_available.html
[2012.12.15 01:13:20 | 000,001,887 | ---- | C] () -- C:\Users\HBG\threshold_cut.html
[2012.12.15 01:13:20 | 000,001,834 | ---- | C] () -- C:\Users\HBG\general_sms.html
[2012.12.15 01:13:20 | 000,001,670 | ---- | C] () -- C:\Users\HBG\error.xml
[2012.12.15 01:13:20 | 000,001,490 | ---- | C] () -- C:\Users\HBG\WAPConfig.xml
[2012.12.15 01:13:20 | 000,001,205 | ---- | C] () -- C:\Users\HBG\info.html
[2012.12.15 01:13:20 | 000,001,201 | ---- | C] () -- C:\Users\HBG\error.html
[2012.12.15 01:13:20 | 000,001,153 | ---- | C] () -- C:\Users\HBG\ads.html
[2012.12.15 01:13:20 | 000,001,124 | ---- | C] () -- C:\Users\HBG\threshold.html
[2012.12.15 01:13:20 | 000,001,122 | ---- | C] () -- C:\Users\HBG\billing_sms.html
[2012.12.15 01:13:20 | 000,001,086 | ---- | C] () -- C:\Users\HBG\plain.html
[2012.12.15 01:13:20 | 000,001,074 | ---- | C] () -- C:\Users\HBG\brand_sms.html
[2012.12.15 01:13:20 | 000,000,983 | ---- | C] () -- C:\Users\HBG\img_ads.html
[2012.12.15 01:13:20 | 000,000,809 | ---- | C] () -- C:\Users\HBG\configMedion.ini
[2012.12.15 01:13:20 | 000,000,038 | ---- | C] () -- C:\Users\HBG\runOnConnect.ini
[2012.12.15 01:13:17 | 000,510,920 | ---- | C] () -- C:\Users\HBG\ALDITALKVerbindungsassistent_Launcher.exe
[2012.12.15 01:13:17 | 000,342,984 | ---- | C] () -- C:\Users\HBG\ALDITALKVerbindungsassistent_Service.exe
[2012.12.15 01:13:17 | 000,281,544 | ---- | C] () -- C:\Users\HBG\OSU.exe
[2012.12.15 01:13:17 | 000,074,884 | ---- | C] () -- C:\Users\HBG\Images_Medion_Asst.xml
[2012.12.15 01:13:17 | 000,038,190 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Asst_0007.xml
[2012.12.15 01:13:17 | 000,027,353 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Asst_0007.xml
[2012.12.15 01:13:17 | 000,018,939 | ---- | C] () -- C:\Users\HBG\Help_Medion_0007.chm
[2012.12.15 01:13:17 | 000,009,288 | ---- | C] () -- C:\Users\HBG\Controls_Medion_SMSMMS_0007.xml
[2012.12.15 01:13:17 | 000,008,734 | ---- | C] () -- C:\Users\HBG\Images_Medion_Upgrader.xml
[2012.12.15 01:13:17 | 000,008,376 | ---- | C] () -- C:\Users\HBG\Images_Medion_SMSMMS.xml
[2012.12.15 01:13:17 | 000,007,342 | ---- | C] () -- C:\Users\HBG\Images_Medion_Uninstaller.xml
[2012.12.15 01:13:17 | 000,006,471 | ---- | C] () -- C:\Users\HBG\Strings_Medion_SMSMMS_0007.xml
[2012.12.15 01:13:17 | 000,006,149 | ---- | C] () -- C:\Users\HBG\Eula_Medion_0007.htm
[2012.12.15 01:13:17 | 000,006,069 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Upgrader_0007.xml
[2012.12.15 01:13:17 | 000,005,190 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Address_0007.xml
[2012.12.15 01:13:17 | 000,002,679 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Address_0007.xml
[2012.12.15 01:13:17 | 000,002,568 | ---- | C] () -- C:\Users\HBG\Controls_Medion_Uninstaller_0007.xml
[2012.12.15 01:13:17 | 000,002,486 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Upgrader_0007.xml
[2012.12.15 01:13:17 | 000,002,037 | ---- | C] () -- C:\Users\HBG\Offers_Medion_0007.xml
[2012.12.15 01:13:17 | 000,001,718 | ---- | C] () -- C:\Users\HBG\Strings_Medion_Uninstaller_0007.xml
[2012.12.15 01:13:17 | 000,000,282 | ---- | C] () -- C:\Users\HBG\Images_Medion_Address.xml
[2012.12.15 01:13:16 | 001,633,224 | ---- | C] () -- C:\Users\HBG\ALDITALKVerbindungsassistent.exe
[2012.12.15 01:13:16 | 001,097,728 | ---- | C] () -- C:\Users\HBG\NDISAPI.dll
[2012.12.15 01:13:16 | 000,606,208 | ---- | C] () -- C:\Users\HBG\WTGXMLUtil.dll
[2012.12.15 01:13:16 | 000,043,976 | ---- | C] () -- C:\Users\HBG\InstallWTGService.exe
[2012.12.15 01:13:16 | 000,001,817 | ---- | C] () -- C:\Users\HBG\config.ini
[2012.12.15 01:13:16 | 000,001,597 | ---- | C] () -- C:\Users\HBG\KD.xml
[2012.12.15 01:13:16 | 000,000,991 | ---- | C] () -- C:\Users\HBG\bn.xml
[2012.12.15 01:13:15 | 000,294,912 | ---- | C] () -- C:\Users\HBG\WTGSMSPCClient.dll
[2012.12.15 01:13:15 | 000,204,800 | ---- | C] () -- C:\Users\HBG\LiveBoxCM.dll
[2012.12.15 01:13:15 | 000,126,976 | ---- | C] () -- C:\Users\HBG\WtgWiFi.dll
[2012.12.15 01:13:14 | 000,883,656 | ---- | C] () -- C:\Users\HBG\Setup.exe
[2012.12.15 01:13:14 | 000,823,296 | ---- | C] () -- C:\Users\HBG\libeay32.dll
[2012.12.15 01:13:14 | 000,094,274 | ---- | C] () -- C:\Users\HBG\WtgZip.dll
[2012.12.15 01:13:13 | 004,392,468 | ---- | C] () -- C:\Users\HBG\webtogodb.wdb
[2012.12.15 01:13:13 | 000,244,680 | ---- | C] () -- C:\Users\HBG\WTGVistaUtil.exe
[2012.12.15 01:13:13 | 000,106,496 | ---- | C] () -- C:\Users\HBG\WtgUtil.dll
[2012.12.15 01:13:13 | 000,090,112 | ---- | C] () -- C:\Users\HBG\WtgPorts.dll
[2012.12.15 01:13:13 | 000,069,632 | ---- | C] () -- C:\Users\HBG\WTGMMSPCClient.dll
[2012.12.15 01:13:13 | 000,012,288 | ---- | C] () -- C:\Users\HBG\WTGDebugs.dll
[2012.12.15 01:13:12 | 000,565,248 | ---- | C] () -- C:\Users\HBG\WtgCore.dll
[2012.12.15 01:13:12 | 000,306,120 | ---- | C] () -- C:\Users\HBG\Uninstaller.exe
[2012.12.15 01:13:12 | 000,196,608 | ---- | C] () -- C:\Users\HBG\WtgDetection.dll
[2012.12.15 01:13:12 | 000,139,264 | ---- | C] () -- C:\Users\HBG\WtgBluetooth.dll
[2012.12.15 01:13:12 | 000,102,400 | ---- | C] () -- C:\Users\HBG\WtgDatabase.dll
[2012.12.15 01:13:12 | 000,086,016 | ---- | C] () -- C:\Users\HBG\WtgDialup.dll
[2012.12.15 01:13:12 | 000,073,728 | ---- | C] () -- C:\Users\HBG\WtgDriverInstall.dll
[2012.12.15 01:13:12 | 000,012,800 | ---- | C] () -- C:\Users\HBG\WtgDriverInstallX.dll
[2012.10.25 18:28:24 | 000,009,322 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (Windows).EML
[2012.03.07 14:43:06 | 000,021,857 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2011.12.09 21:36:04 | 000,000,045 | RH-- | C] () -- C:\Windows\PAWSETUP.INI
[2011.12.09 21:35:12 | 000,000,306 | ---- | C] () -- C:\Windows\HD.INI
[2011.12.08 13:44:05 | 000,048,690 | ---- | C] () -- C:\Users\HBG\P081211_12.42.jpg
[2011.12.08 13:43:51 | 001,146,711 | ---- | C] () -- C:\Users\HBG\P081211_12.41.jpg
[2011.10.04 23:36:34 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2011.10.03 11:10:21 | 000,027,456 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll
[2011.10.03 11:10:21 | 000,018,752 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll
[2011.08.06 11:31:29 | 000,068,640 | ---- | C] () -- C:\Windows\unTMV.exe
[2011.07.13 14:27:07 | 000,004,096 | -H-- | C] () -- C:\Users\HBG\AppData\Local\keyfile3.drm
[2011.06.08 15:28:50 | 000,017,408 | ---- | C] () -- C:\Users\HBG\AppData\Local\WebpageIcons.db
[2011.06.08 15:23:54 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011.06.08 15:23:54 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011.06.01 18:40:28 | 000,012,968 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2011.06.01 09:09:12 | 000,000,091 | ---- | C] () -- C:\Users\HBG\AppData\Local\fusioncache.dat
[2011.05.31 21:49:18 | 000,000,310 | ---- | C] () -- C:\Windows\ContWin.ini
[2011.05.31 13:58:16 | 000,038,746 | ---- | C] () -- C:\Users\HBG\AppData\Roaming\B8E4.9CB
[2011.05.13 13:06:01 | 000,000,321 | ---- | C] () -- C:\Windows\devk.ini
[2011.05.13 13:06:01 | 000,000,210 | ---- | C] () -- C:\Windows\easap1.ini
[2011.01.28 17:24:04 | 000,012,629 | -H-- | C] () -- C:\Users\HBG\jpeggeri.dat
[2011.01.26 18:08:58 | 000,015,499 | -H-- | C] () -- C:\Users\HBG\ZbThumbnail.info
[2011.01.26 17:58:23 | 001,391,293 | ---- | C] () -- C:\Users\HBG\IMG_0681.JPG
[2011.01.26 17:58:23 | 001,181,975 | ---- | C] () -- C:\Users\HBG\IMG_0682.JPG
[2011.01.26 17:58:23 | 001,152,731 | ---- | C] () -- C:\Users\HBG\IMG_0683.JPG
[2010.06.10 19:00:00 | 000,000,680 | ---- | C] () -- C:\Users\HBG\AppData\Local\d3d9caps.dat
[2010.04.10 21:32:13 | 000,011,264 | ---- | C] () -- C:\Users\HBG\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.28 11:08:08 | 000,000,008 | RH-- | C] () -- C:\Users\HBG\hwid
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 304 bytes -> C:\Users\HBG\Documents\Medion-TV2.jpg:Updt_SummaryInformation
@Alternate Data Stream - 143 bytes -> C:\Users\HBG\AppData\Roaming\Kommagetrennte Werte (Windows).EML:OECustomProperty

< End of report >

OLT(Extras)

Code:

ATTFilter

OTL Extras logfile created on: 02.04.2013 11:52:44 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\HBG\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,37% Memory free
4,22 Gb Paging File | 3,02 Gb Available in Paging File | 71,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 89,43 Gb Total Space | 7,85 Gb Free Space | 8,78% Space Free | Partition Type: NTFS
Drive D: | 52,78 Gb Total Space | 39,44 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
 
Computer Name: HBG-MOBIL | User Name: HBG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-3573208741-2431200081-520062559-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01513A85-E8DD-458F-AC72-63F7281F2189}" = rport=138 | protocol=17 | dir=out | app=system | 
"{1D8FD333-553A-42E8-8FCE-124C3B61663F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{378F7C68-51CE-4961-A7AD-5D57616E818F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{433467EA-467D-40D4-B400-B1A970730F73}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4342396A-462E-45EC-82C1-6F333CDB5B75}" = lport=139 | protocol=6 | dir=in | app=system | 
"{5119343E-65E3-498D-8E5D-14AADBBA48FB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{712B8499-9D4A-489D-8126-945C59B01116}" = rport=137 | protocol=17 | dir=out | app=system | 
"{82E6A419-BB29-4BD1-B51A-1BBD35396606}" = rport=445 | protocol=6 | dir=out | app=system | 
"{85C78582-2889-4E7B-997B-DE39FD7FADF0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{AE4261CE-7636-4EA4-9597-E02BD94D1687}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B9ADF46D-4C55-4D85-A201-5314EA4479D3}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0590DC1C-918E-4F65-8434-B002486B2C3D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{1F39CDDD-D025-40F8-B9C4-4DF74D533E74}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{200A6E49-52C0-462A-BE6A-574887FA07D8}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{59365D50-2493-4362-8CDC-18D1187BABD2}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | 
"{674030D8-AD9B-4E64-A855-0E874010B375}" = protocol=6 | dir=in | app=c:\program files\common files\acronis\syncagent\syncagentsrv.exe | 
"{89CC9036-D590-4652-B5E0-32187A5F224D}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{8DA5AF83-0F49-4AB6-AC3A-37A60775C6F4}" = protocol=17 | dir=in | app=c:\program files\common files\acronis\syncagent\syncagentsrv.exe | 
"{9E394333-70C1-495A-8B78-3EABA43B6595}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B77DF88C-E1B9-440C-BB24-CE9A5CCC04D2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{BF1DEA35-A898-410C-A61E-9F6469C6A69A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C0BF15AC-4D24-4564-9335-7ABB6EBE8235}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{FEAC4E17-EDCE-425D-963C-AE1588B7133A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | 
"TCP Query User{7AFA474C-8C69-4900-82D8-9AF20892D301}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{866E9C44-C2D7-42A2-BDDE-710C841CF19F}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{C4BC01DA-BE92-47D3-9000-26E7AC42577F}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{52344B49-58DA-428A-89CF-283CFE935ED3}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{7FD3F095-94DD-4F82-9D29-7CCF10C902A7}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{91C2B51C-B405-4C18-A6AF-29A99A161E96}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{054A5F46-6DCE-4D09-8BC0-170428A4ED56}" = Acronis*True*Image*Home 2012
"{054A5F46-6DCE-4D09-8BC0-170428A4ED56}Visible" = Acronis*True*Image*Home 2012
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2E60CEFA-92EE-4C4A-8EE6-0B8866C3F86A}" = WORD EXPLORER 2.0
"{2FC09AE8-6FCC-4598-9511-F498A64F4490}" = N-D
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{396905A5-84AB-4173-AB85-5ED843D30FB8}" = MAGIX Speed burnR (MSI)
"{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5616B6-A323-4378-B78C-B8F1C8230C17}" = MAGIX Screenshare
"{56BFAA6E-2BCC-4AED-9233-84731E66B205}" = Solid Converter PDF
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73182AC3-5CC3-4161-AE97-F23E09B13147}" = Vallen JPegger
"{746398D1-22E2-413C-BF45-C0FE6A7A669A}" = SnapAPI
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C605FFA-E482-467D-BE5E-B70095689541}" = MAGIX Fotos auf DVD MX
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OUTLOOKR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_OUTLOOKR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OUTLOOKR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OUTLOOKR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_OUTLOOKR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_OUTLOOKR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2007
"{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{97F32DF8-D66E-446A-A425-C1D7B45C1033}" = Nero 7 Essentials
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = Asus MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{AEB61F7A-4BBA-4292-A096-7893E09034A4}" = Steuer-Spar-Erklärung 2013
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BD136CE7-6666-4273-A056-8D92F8625AAB}" = Sun ODF Plugin for Microsoft Office 3.2
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C7B8E06E-EBBC-4210-93AB-DFC8760E3FC9}" = Works Suite-Betriebssystem-Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}" = Steuer-Spar-Erklärung 2012
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Foto Premium 9
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE MailCheck für Internet Explorer
"3 WiFi Manager" = 3 WiFi Manager
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"ALDITALKVerbindungsassistent" = ALDI TALK Verbindungsassistent
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon iP4600 series Benutzerregistrierung" = Canon iP4600 series Benutzerregistrierung
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"ClocX" = ClocX (1.4)
"EAS" = EAS
"ElsterFormular" = ElsterFormular
"Google Chrome" = Google Chrome
"Hardcopy(C__Program Files_Hardcopy)" = Hardcopy (C:\Program Files\Hardcopy)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2E60CEFA-92EE-4C4A-8EE6-0B8866C3F86A}" = Word Explorer 2.0
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"IrfanView" = IrfanView (remove only)
"MAGIX_MSI_Fotos_auf_CD_DVD_MX" = MAGIX Fotos auf DVD MX
"MAGIX_MSI_PCVisit" = MAGIX Screenshare
"MAGIX_MSI_Speed3_burnR_mxcdr_MSI" = MAGIX Speed burnR (MSI)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera" = Canon Utilities MyCamera
"OUTLOOKR" = Microsoft Office Outlook 2007
"Pdf995" = Pdf995
"PhotoStitch" = Canon Utilities PhotoStitch
"PictureIt_v9" = Microsoft Picture It! Foto Premium 9
"PROHYBRIDR" = 2007 Microsoft Office system
"Recuva" = Recuva
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 5" = TeamViewer 5
"Trader Workstation 4.0" = Trader Workstation 4.0
"TVgenial" = TVgenial 4.10
"VLC media player" = VLC media player 1.1.0
"WinGimp-2.0_is1" = GIMP 2.6.11
"Works2004Setup" = Setup-Start von Microsoft Works 2004
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3573208741-2431200081-520062559-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"Trader Workstation" = Trader Workstation
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.04.2013 05:37:25 | Computer Name = HBG-Mobil | Source = SDWinSec.exe | ID = 0
Description = 
 
[ OSession Events ]
Error - 03.04.2010 06:25:02 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 54386
 seconds with 660 seconds of active time.  This session ended with a crash.
 
Error - 10.11.2010 13:16:02 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5974
 seconds with 240 seconds of active time.  This session ended with a crash.
 
Error - 02.04.2011 05:02:11 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 6732
 seconds with 3960 seconds of active time.  This session ended with a crash.
 
Error - 29.06.2011 04:11:35 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 43
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 02.05.2012 13:52:31 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 37990
 seconds with 7020 seconds of active time.  This session ended with a crash.
 
Error - 17.06.2012 14:28:44 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 38
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 08.11.2012 13:41:47 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 548
 seconds with 240 seconds of active time.  This session ended with a crash.
 
Error - 09.11.2012 09:36:51 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1054
 seconds with 900 seconds of active time.  This session ended with a crash.
 
Error - 22.01.2013 08:52:04 | Computer Name = HBG-Mobil | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 133
 seconds with 60 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 02.04.2013 05:10:03 | Computer Name = HBG-Mobil | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2013 05:20:26 | Computer Name = HBG-Mobil | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2013 05:37:10 | Computer Name = HBG-Mobil | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

cosinus · 02.04.2013, 12:06

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

hrbg · 02.04.2013, 20:14

Hallo cosinus,

habe alles gemacht wie gewünscht.
Kapersky meldet immer noch eine Bedrohung durch Malware:
"Gefunden: HEUR: Exploit.Java.CVE-2012-0507.gen"

Auch ESET hat noch einen Virenbefall festgestellt.

Hier die Logs:

Malwarebytes:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.04.02.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
HBG :: HBG-MOBIL [Administrator]

Schutz: Aktiviert

02.04.2013 17:08:49
mbam-log-2013-04-02 (17-08-49).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 234813
Laufzeit: 11 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=0eb2e16246f30c41808bf533e766179a
# engine=13533
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-04-02 06:36:39
# local_time=2013-04-02 08:36:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1285 16777214 100 100 5129972 61251749 0 0
# compatibility_mode=5892 16776637 100 100 37897 202460527 0 0
# scanned=275957
# found=1
# cleaned=0
# scan_time=10485
sh=E63C0C8579F842EF63AA4349E13E30D88E4AC127 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.NNF trojan" ac=I fn="C:\Users\HBG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\4fa6845e-5963e97d"