Pests of all kinds and how to combat them: Search engine redirect to advertising pages | Windows 7
25.05.2013, 00:08 | #1 |
Search engine redirect to advertising pages

Evening! When I click on the result links from Google or Bing, I get redirected to random advertising pages (as already described here: http://www.trojaner-board.de/135379-...place-com.html). I have carried out all the steps listed in that thread:

Result: MBAR (Malwarebytes Anti-Rootkit) Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.24.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
*** :: *** [administrator]

24.05.2013 18:25:27
mbar-log-2013-05-24 (18-25-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31452
Time elapsed: 12 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-24 18:30:58
-----------------------------
18:30:58.609 OS Version: Windows 5.1.2600 Service Pack 3
18:30:58.609 Number of processors: 2 586 0xE08
18:30:58.609 ComputerName: *** UserName: ***
18:30:59.125 Initialize success
18:48:30.406 AVAST engine defs: 13052301
19:05:28.484 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
19:05:28.484 Disk 0 Vendor: Corsair_Force_3_SSD 1.3.2 Size: 114473MB BusType: 3
19:05:28.500 Disk 0 MBR read successfully
19:05:28.515 Disk 0 MBR scan
19:05:28.515 Disk 0 Windows XP default MBR code
19:05:28.515 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 4000 MB offset 63
19:05:28.515 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 72316 MB offset 8193150
19:05:28.531 Disk 0 scanning sectors +156296385
19:05:28.531 Disk 0 scanning C:\WINDOWS\system32\drivers
19:05:32.000 Service scanning
19:05:38.531 Modules scanning
19:05:40.140 Disk 0 trace - called modules:
19:05:40.140 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
19:05:40.140 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b1c4ab8]
19:05:40.140 3 CLASSPNP.SYS[f74f7fd7] -> nt!IofCallDriver -> \Device\00000094[0x8b1fc030]
19:05:40.156 5 ACPI.sys[f735d620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x8b252940]
19:05:40.390 AVAST engine scan C:\WINDOWS
19:05:42.218 AVAST engine scan C:\WINDOWS\system32
19:07:12.421 AVAST engine scan C:\WINDOWS\system32\drivers
19:07:19.328 AVAST engine scan C:\Dokumente und Einstellungen\***
19:45:43.000 AVAST engine scan C:\Dokumente und Einstellungen\All Users
19:47:39.968 Scan finished successfully
19:56:51.609 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\MBR.dat"
19:56:51.609 The log file has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\aswMBR.txt"

Post too long, so a new post:

TDSS-Killer Code:
48.0703 2484 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
50.0718 2484 ============================================================
50.0718 2484 Current date / time: 2013/05/25 50.0718
50.0718 2484 SystemInfo:
50.0718 2484
50.0718 2484 OS Version: 5.1.2600 ServicePack: 3.0
50.0718 2484 Product type: Workstation
50.0718 2484 ComputerName: ***
50.0718 2484 UserName: ***
50.0718 2484 Windows directory: C:\WINDOWS
50.0718 2484 System windows directory: C:\WINDOWS
50.0718 2484 Processor architecture: Intel x86
50.0718 2484 Number of processors: 2
50.0718 2484 Page size: 0x1000
50.0718 2484 Boot type: Normal boot
50.0718 2484 ============================================================
51.0046 2484 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
51.0046 2484 ============================================================
51.0046 2484 \Device\Harddisk0\DR0:
51.0046 2484 MBR partitions:
51.0046 2484 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7D043F
51.0046 2484 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7D047E, BlocksNum 0x8D3E043
51.0046 2484 ============================================================
51.0046 2484 C: <-> \Device\Harddisk0\DR0\Partition2
51.0046 2484 ============================================================
51.0046 2484 Initialize success
51.0046 2484 ============================================================
53.0359 3680 ============================================================
53.0359 3680 Scan started
53.0359 3680 Mode: Manual;
53.0359 3680 ============================================================
53.0625 3680 ================ Scan system memory ========================
53.0625 3680 System memory - ok
53.0625 3680 ================ Scan services =============================
53.0687 3680 Abiosdsk - ok
53.0687 3680 abp480n5 - ok
3680 Tcpip - ok 56.0687 3680 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 56.0687 3680 TDPIPE - ok 56.0687 3680 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 56.0703 3680 TDTCP - ok 56.0703 3680 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 56.0703 3680 TermDD - ok 56.0718 3680 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 56.0718 3680 TermService - ok 56.0734 3680 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 56.0734 3680 Themes - ok 56.0734 3680 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 56.0734 3680 TlntSvr - ok 56.0750 3680 TosIde - ok 56.0750 3680 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 56.0750 3680 TrkWks - ok 56.0765 3680 [ 596BF95189AD63FE7F02EDDDA596A4A2 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 56.0765 3680 Udfs - ok 56.0765 3680 ultra - ok 56.0781 3680 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 56.0796 3680 Update - ok 56.0796 3680 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 56.0796 3680 upnphost - ok 56.0812 3680 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 56.0812 3680 UPS - ok 56.0812 3680 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 56.0812 3680 USBAAPL - ok 56.0828 3680 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 56.0828 3680 usbaudio - ok 56.0828 3680 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 56.0828 3680 usbccgp - ok 56.0843 3680 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 56.0843 3680 usbehci - ok 56.0843 3680 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 56.0843 3680 usbhub - ok 56.0859 3680 [ 
A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 56.0859 3680 usbprint - ok 56.0859 3680 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 56.0859 3680 usbscan - ok 56.0859 3680 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 56.0875 3680 USBSTOR - ok 56.0875 3680 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 56.0875 3680 usbuhci - ok 56.0875 3680 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys 56.0890 3680 usbvideo - ok 56.0890 3680 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 56.0890 3680 VgaSave - ok 56.0890 3680 ViaIde - ok 56.0906 3680 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 56.0906 3680 VolSnap - ok 56.0906 3680 [ 27B3DD12A19EEC50220DF15B64913DDA ] vsdatant C:\WINDOWS\system32\vsdatant.sys 56.0921 3680 vsdatant - ok 56.0937 3680 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 56.0937 3680 VSS - ok 56.0953 3680 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 56.0953 3680 W32Time - ok 56.0953 3680 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 56.0953 3680 Wanarp - ok 56.0968 3680 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 56.0984 3680 Wdf01000 - ok 56.0984 3680 WDICA - ok 56.0984 3680 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 57.0000 3680 wdmaud - ok 57.0000 3680 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 57.0000 3680 WebClient - ok 57.0015 3680 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 57.0015 3680 winmgmt - ok 57.0031 3680 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 57.0031 3680 WmdmPmSN - ok 57.0046 3680 [ 
FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 57.0062 3680 Wmi - ok 57.0078 3680 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 57.0078 3680 WmiApSrv - ok 57.0093 3680 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 57.0109 3680 WPFFontCache_v0400 - ok 57.0125 3680 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 57.0125 3680 wscsvc - ok 57.0125 3680 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 57.0125 3680 WSTCODEC - ok 57.0140 3680 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 57.0140 3680 wuauserv - ok 57.0156 3680 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 57.0156 3680 WZCSVC - ok 57.0171 3680 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 57.0171 3680 xmlprov - ok 57.0187 3680 [ 05D48E56EA2612D39A4E7F0ECC17B917 ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys 57.0187 3680 yukonwxp - ok 57.0203 3680 ================ Scan global =============================== 57.0203 3680 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 57.0218 3680 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 57.0234 3680 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 57.0234 3680 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 57.0234 3680 [Global] - ok 57.0234 3680 ================ Scan MBR ================================== 57.0234 3680 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 57.0312 3680 \Device\Harddisk0\DR0 - ok 57.0312 3680 ================ Scan VBR ================================== 57.0312 3680 [ E6620D8085E514F90A7074B9FA2C063D ] \Device\Harddisk0\DR0\Partition1 57.0312 3680 \Device\Harddisk0\DR0\Partition1 - ok 57.0312 3680 [ B4F707E1375EEB2F452ACB9C0302697D ] 
\Device\Harddisk0\DR0\Partition2 57.0312 3680 \Device\Harddisk0\DR0\Partition2 - ok 57.0312 3680 ============================================================ 57.0312 3680 Scan finished 57.0312 3680 ============================================================ 57.0328 2604 Detected object count: 0 57.0328 2604 Actual detected object count: 0 04.0015 2612 ============================================================ 04.0015 2612 Scan started 04.0015 2612 Mode: Manual; 04.0015 2612 ============================================================ 04.0109 2612 ================ Scan system memory ======================== 04.0109 2612 System memory - ok 04.0109 2612 ================ Scan services ============================= 04.0156 2612 Abiosdsk - ok 04.0156 2612 abp480n5 - ok 04.0156 2612 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 04.0171 2612 ACPI - ok 04.0171 2612 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 04.0171 2612 ACPIEC - ok 04.0187 2612 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 04.0187 2612 AdobeFlashPlayerUpdateSvc - ok 04.0187 2612 adpu160m - ok 04.0203 2612 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 04.0203 2612 aec - ok 04.0203 2612 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 04.0203 2612 AFD - ok 04.0218 2612 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\WINDOWS\system32\agrsmsvc.exe 04.0218 2612 AgereModemAudio - ok 04.0234 2612 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys 04.0250 2612 AgereSoftModem - ok 04.0250 2612 Aha154x - ok 04.0250 2612 aic78u2 - ok 04.0265 2612 aic78xx - ok 04.0265 2612 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 04.0265 2612 Alerter - ok 04.0281 2612 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 04.0281 
2612 ALG - ok 04.0281 2612 AliIde - ok 04.0281 2612 amsint - ok 04.0296 2612 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe 04.0296 2612 AntiVirSchedulerService - ok 04.0296 2612 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe 04.0296 2612 AntiVirService - ok 04.0312 2612 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe 04.0312 2612 Apple Mobile Device - ok 04.0312 2612 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 04.0312 2612 AppMgmt - ok 04.0328 2612 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 04.0328 2612 Arp1394 - ok 04.0328 2612 asc - ok 04.0328 2612 asc3350p - ok 04.0343 2612 asc3550 - ok 04.0359 2612 [ 54AB078660E536DA72B21A27F56B035B ] Aspi32 C:\WINDOWS\system32\drivers\aspi32.sys 04.0359 2612 Aspi32 - ok 04.0359 2612 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 04.0359 2612 aspnet_state - ok 04.0375 2612 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 04.0375 2612 AsyncMac - ok 04.0375 2612 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 04.0375 2612 atapi - ok 04.0375 2612 Atdisk - ok 04.0390 2612 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 04.0390 2612 Atmarpc - ok 04.0390 2612 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 04.0390 2612 AudioSrv - ok 04.0390 2612 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 04.0406 2612 audstub - ok 04.0406 2612 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 04.0406 2612 avgntflt - ok 04.0406 2612 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb 
C:\WINDOWS\system32\DRIVERS\avipbb.sys 04.0406 2612 avipbb - ok 04.0421 2612 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 04.0421 2612 avkmgr - ok 04.0421 2612 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 04.0421 2612 Beep - ok 04.0437 2612 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 04.0437 2612 BITS - ok 04.0453 2612 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe 04.0453 2612 Bonjour Service - ok 04.0468 2612 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 04.0468 2612 Browser - ok 04.0468 2612 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 04.0468 2612 cbidf2k - ok 04.0468 2612 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 04.0468 2612 CCDECODE - ok 04.0484 2612 cd20xrnt - ok 04.0484 2612 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 04.0484 2612 Cdaudio - ok 04.0500 2612 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 04.0500 2612 Cdfs - ok 04.0500 2612 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 04.0500 2612 Cdrom - ok 04.0500 2612 Changer - ok 04.0515 2612 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 04.0515 2612 CiSvc - ok 04.0515 2612 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 04.0515 2612 ClipSrv - ok 04.0531 2612 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 04.0531 2612 clr_optimization_v2.0.50727_32 - ok 04.0531 2612 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 04.0531 2612 clr_optimization_v4.0.30319_32 - ok 04.0546 2612 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt 
C:\WINDOWS\system32\DRIVERS\CmBatt.sys 04.0546 2612 CmBatt - ok 04.0546 2612 CmdIde - ok 04.0546 2612 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 04.0546 2612 Compbatt - ok 04.0562 2612 COMSysApp - ok 04.0562 2612 Cpqarray - ok 04.0578 2612 Crypkey License - ok 04.0578 2612 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 04.0578 2612 CryptSvc - ok 04.0578 2612 [ 5C706C06C1279952D2CC1A609CA948BF ] CVirtA C:\WINDOWS\system32\DRIVERS\CVirtA.sys 04.0578 2612 CVirtA - ok 04.0609 2612 [ C64D9A84723E874BF5168D7BF420F85D ] CVPND C:\Programme\Cisco Systems\VPN Client\cvpnd.exe 04.0625 2612 CVPND - ok 04.0640 2612 [ 03516F6D3B8C91C919DE622196A84BCE ] CVPNDRVA C:\WINDOWS\system32\Drivers\CVPNDRVA.sys 04.0640 2612 CVPNDRVA - ok 04.0640 2612 dac2w2k - ok 04.0656 2612 dac960nt - ok 04.0656 2612 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 04.0671 2612 DcomLaunch - ok 04.0671 2612 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 04.0671 2612 Dhcp - ok 04.0687 2612 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 04.0687 2612 Disk - ok 04.0687 2612 dmadmin - ok 04.0703 2612 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 04.0703 2612 dmboot - ok 04.0718 2612 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 04.0718 2612 dmio - ok 04.0718 2612 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 04.0718 2612 dmload - ok 04.0734 2612 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 04.0734 2612 dmserver - ok 04.0734 2612 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 04.0734 2612 DMusic - ok 04.0750 2612 [ 8101650993B2F79118D2BF24402C390D ] DNE C:\WINDOWS\system32\DRIVERS\dne2000.sys 04.0750 2612 DNE - ok 04.0750 2612 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache 
C:\WINDOWS\System32\dnsrslvr.dll 04.0750 2612 Dnscache - ok 04.0765 2612 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 04.0765 2612 Dot3svc - ok 04.0765 2612 dpti2o - ok 04.0765 2612 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 04.0781 2612 drmkaud - ok 04.0781 2612 [ 555E54AC2F601A8821CEF58961653991 ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys 04.0781 2612 dtsoftbus01 - ok 04.0796 2612 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 04.0796 2612 EapHost - ok 04.0796 2612 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 04.0796 2612 ERSvc - ok 04.0796 2612 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 04.0812 2612 Eventlog - ok 04.0812 2612 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 04.0812 2612 EventSystem - ok 04.0828 2612 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 04.0828 2612 Fastfat - ok 04.0828 2612 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 04.0843 2612 FastUserSwitchingCompatibility - ok 04.0843 2612 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 04.0843 2612 Fdc - ok 04.0843 2612 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 04.0843 2612 Fips - ok 04.0859 2612 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 04.0859 2612 Flpydisk - ok 04.0859 2612 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys 04.0859 2612 FltMgr - ok 04.0875 2612 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 04.0875 2612 FontCache3.0.0.0 - ok 04.0875 2612 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 04.0875 2612 Fs_Rec - ok 04.0890 2612 [ 
8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 04.0890 2612 Ftdisk - ok 04.0890 2612 [ 00845DCD64FE6348DDF7890C310C17B9 ] FUJ02B1 C:\WINDOWS\system32\DRIVERS\FUJ02B1.sys 04.0890 2612 FUJ02B1 - ok 04.0890 2612 [ EF9F310F86FD504AFCDCEDF8280091FB ] FUJ02E3 C:\WINDOWS\system32\DRIVERS\FUJ02E3.sys 04.0890 2612 FUJ02E3 - ok 04.0906 2612 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 04.0906 2612 GEARAspiWDM - ok 04.0906 2612 [ DCBFA8269D243A855344E846049CBDAE ] GoogleDesktopManager-060409-093314 C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe 04.0906 2612 GoogleDesktopManager-060409-093314 - ok 04.0921 2612 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 04.0921 2612 Gpc - ok 04.0921 2612 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 04.0921 2612 gupdate - ok 04.0921 2612 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 04.0921 2612 gupdatem - ok 04.0937 2612 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 04.0937 2612 gusvc - ok 04.0937 2612 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 04.0937 2612 HDAudBus - ok 04.0953 2612 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 04.0953 2612 helpsvc - ok 04.0953 2612 HidServ - ok 04.0968 2612 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 04.0968 2612 HidUsb - ok 04.0968 2612 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 04.0968 2612 hkmsvc - ok 04.0968 2612 hpn - ok 04.0984 2612 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 04.0984 2612 HTTP - ok 04.0984 2612 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 05.0000 2612 HTTPFilter - ok 05.0000 2612 
i2omgmt - ok 05.0000 2612 i2omp - ok 05.0015 2612 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 05.0015 2612 i8042prt - ok 05.0031 2612 [ 6FCB904910DA07C9DC2593D66438FA29 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 05.0046 2612 ialm - ok 05.0046 2612 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe 05.0046 2612 IDriverT - ok 05.0078 2612 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 05.0078 2612 idsvc - ok 05.0093 2612 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 05.0093 2612 Imapi - ok 05.0093 2612 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 05.0093 2612 ImapiService - ok 05.0109 2612 ini910u - ok 05.0187 2612 [ 64BE56B8858CA0153C725C720FFD194F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 05.0218 2612 IntcAzAudAddService - ok 05.0234 2612 IntelIde - ok 05.0234 2612 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 05.0234 2612 intelppm - ok 05.0250 2612 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 05.0250 2612 Ip6Fw - ok 05.0250 2612 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 05.0250 2612 IpFilterDriver - ok 05.0250 2612 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 05.0250 2612 IpInIp - ok 05.0265 2612 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 05.0265 2612 IpNat - ok 05.0281 2612 [ EF1C51222117B37AFBFF8F4642EA8C62 ] iPod Service C:\Programme\iPod\bin\iPodService.exe 05.0281 2612 iPod Service - ok 05.0296 2612 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 05.0296 2612 IPSec - ok 05.0296 2612 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda 
C:\WINDOWS\system32\DRIVERS\irda.sys 05.0296 2612 irda - ok 05.0296 2612 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 05.0296 2612 IRENUM - ok 05.0312 2612 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll 05.0312 2612 Irmon - ok 05.0312 2612 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 05.0312 2612 isapnp - ok 05.0328 2612 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 05.0328 2612 JavaQuickStarterService - ok 05.0328 2612 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 05.0343 2612 Kbdclass - ok 05.0343 2612 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 05.0343 2612 kbdhid - ok 05.0343 2612 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 05.0343 2612 kmixer - ok 05.0359 2612 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 05.0359 2612 KSecDD - ok 05.0359 2612 [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll 05.0375 2612 LanmanServer - ok 05.0375 2612 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 05.0375 2612 lanmanworkstation - ok 05.0390 2612 lbrtfdc - ok 05.0390 2612 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 05.0390 2612 LmHosts - ok 05.0406 2612 [ BA1347822D01B2D29C14CF09663A6457 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys 05.0406 2612 LVRS - ok 05.0484 2612 [ E2C99D3B692BA2173114C9DF79313B70 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys 05.0515 2612 LVUVC - ok 05.0515 2612 [ 4A5FFDF0FE830C448830BD4B02B02B4B ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys 05.0515 2612 mbamchameleon - ok 05.0531 2612 [ 5E55BFC76186C213BD8FCB119033FDF7 ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe 05.0531 2612 MDM - ok 05.0546 2612 [ 
B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 05.0546 2612 Messenger - ok 05.0546 2612 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 05.0546 2612 mnmdd - ok 05.0562 2612 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 05.0562 2612 mnmsrvc - ok 05.0562 2612 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 05.0562 2612 Modem - ok 05.0562 2612 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 05.0578 2612 Mouclass - ok 05.0578 2612 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 05.0578 2612 mouhid - ok 05.0578 2612 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 05.0578 2612 MountMgr - ok 05.0593 2612 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 05.0593 2612 MozillaMaintenance - ok 05.0593 2612 mraid35x - ok 05.0609 2612 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 05.0609 2612 MRxDAV - ok 05.0609 2612 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 05.0625 2612 MRxSmb - ok 05.0625 2612 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 05.0625 2612 MSDTC - ok 05.0640 2612 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 05.0640 2612 Msfs - ok 05.0640 2612 MSIServer - ok 05.0656 2612 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 05.0656 2612 MSKSSRV - ok 05.0656 2612 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 05.0671 2612 MSPCLOCK - ok 05.0671 2612 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 05.0671 2612 MSPQM - ok 05.0687 2612 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 05.0687 
2612 mssmbios - ok 05.0687 2612 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 05.0687 2612 MSTEE - ok 05.0687 2612 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 05.0703 2612 Mup - ok 05.0703 2612 [ A0F0B16316276017E682410B5612A707 ] mv2 C:\WINDOWS\system32\DRIVERS\mv2.sys 05.0703 2612 mv2 - ok 05.0703 2612 MySQL - ok 05.0718 2612 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 05.0718 2612 NABTSFEC - ok ... 06.0015 2612 [ 552F07EA923CB37FE586B5FEE080876E ] O2SDRDR C:\WINDOWS\system32\DRIVERS\o2sd.sys 06.0015 2612 O2SDRDR - ok 06.0015 2612 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 06.0015 2612 ohci1394 - ok 06.0031 2612 OracleMTSRecoveryService - ok 06.0046 2612 OracleOraDb11g_home1ClrAgent - ok 06.0062 2612 [ AB2B07AC4AFD38F574D903EAF9E98A60 ] OZSCR C:\WINDOWS\system32\DRIVERS\ozscr.sys 06.0062 2612 OZSCR - ok 06.0062 2612 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 06.0078 2612 Parport - ok 06.0078 2612 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 06.0078 2612 PartMgr - ok 06.0078 2612 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 06.0078 2612 ParVdm - ok 06.0093 2612 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 06.0093 2612 PCI - ok 06.0093 2612 PCIDump - ok 06.0109 2612 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 06.0109 2612 PCIIde - ok 06.0109 2612 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 06.0109 2612 Pcmcia - ok 06.0125 2612 PDCOMP - ok 06.0125 2612 PDFRAME - ok 06.0125 2612 PDRELI - ok 06.0140 2612 PDRFRAME - ok 06.0140 2612 perc2 - ok 06.0140 2612 perc2hib - ok 06.0171 2612 [ D2D2FA02B722336960EEAE0AE7107891 ] PID_0928 C:\WINDOWS\system32\DRIVERS\LV561AV.SYS 06.0171 2612 PID_0928 - 
ok 06.0171 2612 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 06.0187 2612 PlugPlay - ok 06.0187 2612 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 06.0187 2612 PolicyAgent - ok 06.0187 2612 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 06.0203 2612 PptpMiniport - ok 06.0203 2612 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 06.0203 2612 ProtectedStorage - ok 06.0218 2612 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 06.0218 2612 PSched - ok 06.0218 2612 [ C8EB36910D3BD582891977E80925E21E ] PSSDK42 C:\WINDOWS\system32\Drivers\pssdk42.sys 06.0218 2612 PSSDK42 - ok 06.0218 2612 [ 0BEC7B42F4093400509821C63F13F1D5 ] PSSDKLBF C:\WINDOWS\system32\Drivers\pssdklbf.sys 06.0218 2612 PSSDKLBF - ok 06.0234 2612 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 06.0234 2612 Ptilink - ok 06.0234 2612 ql1080 - ok 06.0234 2612 Ql10wnt - ok 06.0250 2612 ql12160 - ok 06.0250 2612 ql1240 - ok 06.0250 2612 ql1280 - ok 06.0265 2612 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 06.0265 2612 RasAcd - ok 06.0265 2612 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll ... 
wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 13.0328 0332 wdmaud - ok 13.0328 0332 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 13.0453 0332 WebClient - ok 13.0468 0332 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 13.0578 0332 winmgmt - ok 13.0578 0332 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 13.0703 0332 WmdmPmSN - ok 13.0718 0332 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 13.0750 0332 Wmi - ok 13.0765 0332 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 13.0859 0332 WmiApSrv - ok 13.0875 0332 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 13.0921 0332 WPFFontCache_v0400 - ok 13.0921 0332 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 14.0046 0332 wscsvc - ok 14.0046 0332 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 14.0171 0332 WSTCODEC - ok 14.0171 0332 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 14.0281 0332 wuauserv - ok 14.0296 0332 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 14.0406 0332 WZCSVC - ok 14.0421 0332 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 14.0531 0332 xmlprov - ok 14.0546 0332 [ 05D48E56EA2612D39A4E7F0ECC17B917 ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys 14.0578 0332 yukonwxp - ok 14.0578 0332 ================ Scan global =============================== 14.0593 0332 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 14.0593 0332 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 14.0609 0332 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 14.0609 0332 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 14.0625 0332 [Global] - ok 14.0625 0332 
================ Scan MBR ================================== 14.0625 0332 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 14.0703 0332 \Device\Harddisk0\DR0 - ok 14.0703 0332 ================ Scan VBR ================================== 14.0718 0332 [ E6620D8085E514F90A7074B9FA2C063D ] \Device\Harddisk0\DR0\Partition1 14.0718 0332 \Device\Harddisk0\DR0\Partition1 - ok 14.0718 0332 [ B4F707E1375EEB2F452ACB9C0302697D ] \Device\Harddisk0\DR0\Partition2 14.0718 0332 \Device\Harddisk0\DR0\Partition2 - ok 14.0718 0332 ============================================================ 14.0718 0332 Scan finished 14.0718 0332 ============================================================ 14.0828 1892 Detected object count: 9 14.0828 1892 Actual detected object count: 9 44.0312 1892 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user 44.0312 1892 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 44.0312 1892 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user 44.0312 1892 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 44.0312 1892 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 44.0312 1892 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 44.0328 1892 MDM ( UnsignedFile.Multi.Generic ) - skipped by user 44.0328 1892 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 44.0328 1892 NetworkX ( UnsignedFile.Multi.Generic ) - skipped by user 44.0328 1892 NetworkX ( UnsignedFile.Multi.Generic ) - User select action: Skip 44.0328 1892 O2Flash ( UnsignedFile.Multi.Generic ) - skipped by user 44.0328 1892 O2Flash ( UnsignedFile.Multi.Generic ) - User select action: Skip 44.0328 1892 Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user 44.0328 1892 Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip 44.0328 1892 sr ( UnsignedFile.Multi.Generic ) - skipped by user 44.0328 1892 sr ( UnsignedFile.Multi.Generic ) - User select action: Skip 44.0328 1892 Udfs ( UnsignedFile.Multi.Generic 
) - skipped by user 44.0328 1892 Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 46.0468 3192 Deinitialize success
Many, many thanks |
25.05.2013, 00:17 | #2 |
/// TB trainer | Search engine redirect to advertising pages Hello milchi and
My name is Leo and I will guide you through cleaning up your computer. One thing up front: I cannot give you any guarantee that I will find everything. With severe infections, formatting and reinstalling is usually the faster and always the safer route. If you decide on a cleanup, we should proceed thoroughly. So stick with it until I tell you unambiguously that we are done. Even if the conspicuous symptoms disappear early on, that does not mean your computer is already clean and secure.
Notes on the procedure
Let's go: Before firing off these special tools one after another, one should first get an overview of the situation:
Step 1
Please download OTL (by Oldtimer) and save it to your desktop.
Please post in your next reply:
__________________ |
25.05.2013, 00:29 | #3 |
| Search engine redirect to advertising pages OTL Logfile:
OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 25.05.2013 01:22:13 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,24 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 74,93% Memory free 5,08 Gb Paging File | 4,27 Gb Available in Paging File | 83,97% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 70,62 Gb Total Space | 3,69 Gb Free Space | 5,22% Space Free | Partition Type: NTFS Drive F: | 1,83 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: *** | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Dropbox\delphi\projekte\RML\PC Laufzeit\laufzeit.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\oracle\***\product\11.2.0\dbhome_1\BIN\omtsreco.exe (Oracle Corporation) PRC - C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems) PRC - C:\WINDOWS\system32\o2flash.exe (O2Micro International) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\Crypserv.exe (Kenonic Controls Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Dropbox\delphi\projekte\RML\PC Laufzeit\laufzeit.exe () MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\Notepad++\NppShell_05.dll () MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\oracle\***\product\11.2.0\dbhome_1\BIN\oraperf11.dll () MOD - C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe () MOD - C:\Programme\MySQL\MySQL Server 5.0\bin\libmySQL.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\system32\vpnapi.dll () MOD - C:\WINDOWS\system32\redmonnt.dll () MOD - C:\WINDOWS\system32\pdfcmnnt.dll () ========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device 
Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Rfc2IBHLink) -- C:\WINDOWS\system32\Rfc2IBHLink.exe (IBH softec Gesellschaft für Automatisierungstechnik mbH Turmstrasse 77 D-64743 Beerfelden / Odw. hxxp://www.ibhsoftec.de ) SRV - (OracleMTSRecoveryService) -- C:\oracle\***\product\11.2.0\dbhome_1\bin\omtsreco.exe (Oracle Corporation) SRV - (OracleOraDb11g_home1ClrAgent) -- C:\oracle\***\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe (Oracle Corporation) SRV - (MySQL) -- C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe () SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems) SRV - (O2Flash) -- C:\WINDOWS\system32\o2flash.exe (O2Micro International) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) SRV - (Crypkey License) -- C:\WINDOWS\System32\Crypserv.exe (Kenonic Controls Ltd.) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (sentemul) -- C:\WINDOWS\system32\drivers\sentemul.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (aswMBR) -- C:\DOKUME~1\***~1\LOKALE~1\Temp\aswMBR.sys File not found DRV - (mbamchameleon) -- C:\WINDOWS\system32\drivers\mbamchameleon.sys () DRV - (LVUVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.) 
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH) DRV - (Netaapl) -- C:\WINDOWS\system32\drivers\netaapl.sys (Apple Inc.) DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (PSSDKLBF) -- C:\WINDOWS\system32\drivers\pssdklbf.sys (microOLAP Technologies LTD) DRV - (PSSDK42) -- C:\WINDOWS\system32\drivers\pssdk42.sys (microOLAP Technologies LTD) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (PID_0928) -- C:\WINDOWS\system32\drivers\LV561AV.SYS (Logitech Inc.) DRV - (mv2) -- C:\WINDOWS\system32\drivers\mv2.sys (UVNC BVBA) DRV - (Udfs) -- C:\WINDOWS\System32\drivers\udfs.sys () DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec) DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems) DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (O2SDRDR) -- C:\WINDOWS\system32\drivers\o2sd.sys (O2Micro ) DRV - (O2MDRDR) -- C:\WINDOWS\system32\drivers\o2media.sys (O2Micro ) DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (OZSCR) -- C:\WINDOWS\system32\drivers\ozscr.sys (O2Micro) DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC) DRV - (FUJ02E3) -- C:\WINDOWS\system32\drivers\fuj02e3.sys (FUJITSU LIMITED) DRV - (Sentinel) -- C:\WINDOWS\system32\drivers\SENTINEL.SYS (Rainbow Technologies, Inc.) DRV - (Sntnlusb) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS (Rainbow Technologies Inc.) 
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC) DRV - (FUJ02B1) -- C:\WINDOWS\system32\drivers\fuj02b1.sys (FUJITSU LIMITED) DRV - (NetworkX) -- C:\WINDOWS\system32\Ckldrv.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=gppc IE - HKCU\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4 IE - HKCU\..\SearchScopes\{6F76E322-963F-40B0-BC8C-3BA7492A080B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=C0FC9B7B-C98A-4E4F-B31B-7D0BAEBFE917&apn_sauid=29458968-044E-41D7-BE23-72CA9C4235F3 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: 
C:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npdeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.0: C:\Programme\Microsoft\Web Platform Installer\\npwpidetector.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gamescenter@gamescenter.com: C:\Programme\GamesCenter\GamesCenter.xpi [2013.02.01 10:03:00 | 000,037,470 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.05.24 10:31:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.24 10:31:41 | 000,000,000 | ---D | M] [2010.04.06 12:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2013.05.24 10:31:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.05.24 10:31:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2013.05.24 10:31:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.05.24 10:31:47 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.03.08 00:29:38 | 000,244,736 | ---- | M] (Dassault Systèmes SolidWorks Corp.) 
-- C:\Programme\mozilla firefox\plugins\npEModelPlugin.dll [2011.05.15 23:51:01 | 000,002,047 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fcmdSrch.xml ========== Chrome ========== CHR - default_search_provider: Ask (Enabled) CHR - default_search_provider: search_url = hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=C0FC9B7B-C98A-4E4F-B31B-7D0BAEBFE917&apn_ptnrs=U3&apn_sauid=29458968-044E-41D7-BE23-72CA9C4235F3&apn_dtid=OSJ000YYDE&q={searchTerms} CHR - default_search_provider: suggest_url = hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms} CHR - homepage: hxxp://start.facemoods.com/?a=gppc CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\26.0.1410.64\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: GWT DMP Plugin (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim\1.0.9738_0\WINNT_x86-msvc/npGwtDevPlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll CHR - 
plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: NPCIG.dll (Enabled) = C:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll CHR - plugin: Picasa (Enabled) = C:\Programme\Google\Picasa3\npPicasa3.dll CHR - plugin: WPI Detector 1.1 (Enabled) = C:\Programme\Microsoft\Web Platform Installer\\npwpidetector.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Programme\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Programme\Veetle\plugins\npVeetle.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: Google Drive = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Dokumente und 
Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Games Center = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dehjbbcmklelglapfndfbomoaooippkb\1.0_1\ CHR - Extension: GWT Developer Plugin = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim\1.0.11338_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2008.08.21 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\RunOnce: [Z1] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\laufzeit.lnk = C:\Dropbox\delphi\projekte\RML\PC Laufzeit\laufzeit.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45) O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.7.0_15) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.255.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55CFB9DD-BD76-46DF-9437-953FDAC44774}: DhcpNameServer = 192.168.255.254 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft 
Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2003.02.11 09:08:34 | 000,000,045 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{dc2ef15f-6e86-11e1-8301-0018de6bb26b}\Shell - "" = AutoRun O33 - MountPoints2\{dc2ef15f-6e86-11e1-8301-0018de6bb26b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{dc2ef15f-6e86-11e1-8301-0018de6bb26b}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{f18f320e-c96b-11df-8246-0018de6bb26b}\Shell - "" = AutoRun O33 - MountPoints2\{f18f320e-c96b-11df-8246-0018de6bb26b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{f18f320e-c96b-11df-8246-0018de6bb26b}\Shell\AutoRun\command - "" = "D:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - 
HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.05.24 18:11:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2013.05.24 13:20:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads [2013.05.24 13:19:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Alte Firefox-Daten [2013.05.24 10:31:40 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2013.05.21 19:30:57 | 000,000,000 | ---D | C] -- C:\Programme\Paint.NET [2013.05.21 19:30:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Paint.NET [2013.05.21 12:36:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\XnView [2013.05.21 12:36:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\XnView [2013.05.21 12:36:36 | 000,000,000 | ---D | C] -- C:\Programme\XnView [2013.05.17 13:23:19 | 000,000,000 | ---D | C] -- C:\Programme\Western Digital Corporation [2013.05.16 13:07:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GExperts [2013.05.16 13:06:52 | 000,000,000 | ---D | C] -- C:\Programme\GExperts for BDS 2006 [2013.05.16 13:06:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\GExperts for BDS 2006 [2013.05.15 19:57:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Notepad++ [2013.05.15 19:57:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Notepad++ [2013.05.15 19:57:22 | 000,000,000 | ---D | C] -- C:\Programme\Notepad++ [2013.05.15 19:57:22 | 000,000,000 | ---D | C] -- 
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Notepad++ [2013.05.14 20:53:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\EDrawings [2013.05.14 20:49:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SolidWorks 2013 [2013.05.14 20:49:42 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\eDrawings2013 [2013.05.13 20:43:18 | 000,000,000 | ---D | C] -- C:\Programme\Safari [2013.05.11 19:29:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\meyer [2013.05.07 15:49:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\workspace [2013.05.07 15:03:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Studie [2013.05.06 21:54:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\me [2013.05.02 11:27:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Oracle SQL Developer Data Modeler [2013.04.29 22:41:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Sentinel Emulator [2013.04.29 22:41:34 | 000,000,000 | ---D | C] -- C:\Programme\SentEmul [2013.04.29 22:38:38 | 000,020,000 | ---- | C] (C-Map) -- C:\WINDOWS\System32\drivers\cmapusb.sys [2013.04.29 22:38:37 | 000,018,013 | ---- | C] (C-Map) -- C:\WINDOWS\System32\drivers\cmap_pc2.sys [2013.04.29 22:38:37 | 000,016,088 | ---- | C] (C-Map) -- C:\WINDOWS\System32\drivers\cmapldr.sys [2013.04.29 22:38:37 | 000,000,000 | ---D | C] -- C:\Programme\C-Map [2013.04.29 22:37:53 | 000,192,512 | ---- | C] (C-Map Russia) -- C:\WINDOWS\System32\CMGBase.dll [2013.04.29 22:37:50 | 000,165,888 | ---- | C] (Kenonic Controls) -- C:\WINDOWS\Ckconfig.exe [2013.04.29 22:37:50 | 000,052,224 | ---- | C] (Kenonic Controls Ltd.) -- C:\WINDOWS\System32\Crypserv.exe [2013.04.29 22:37:48 | 000,026,120 | ---- | C] (Rainbow Technologies Inc.) 
-- C:\WINDOWS\System32\drivers\SNTNLUSB.SYS [2013.04.29 22:37:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RNBOSENT [2013.04.29 22:37:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MaxSea Dienstprogramme [2013.04.29 22:37:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Drivers [2013.04.29 22:36:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Polar [2013.04.29 22:36:25 | 000,000,000 | ---D | C] -- C:\Programme\I&M [2013.04.25 13:23:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\SQL Developer [2013.04.25 13:22:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Oracle SQL Developer Data Modeler [2013.04.25 13:05:02 | 000,000,000 | ---D | C] -- C:\Programme\Sun [2013.04.25 12:53:11 | 000,000,000 | ---D | C] -- C:\Programme\WinSCP [2013.04.25 12:53:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WinSCP [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.25 01:19:00 | 000,001,106 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.05.24 19:56:51 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\MBR.dat [2013.05.24 19:44:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.05.24 19:29:01 | 000,001,246 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-641613935-3379061909-3612515523-1004UA.job [2013.05.24 18:11:57 | 000,035,144 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [2013.05.24 15:13:34 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.05.24 15:13:09 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.05.24 15:13:03 | 000,000,320 | ---- | M] () -- C:\WINDOWS\tasks\Lpxincengj.job 
[2013.05.24 15:13:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.05.24 15:13:00 | 3479,162,880 | -HS- | M] () -- C:\hiberfil.sys [2013.05.24 09:29:00 | 000,001,194 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-641613935-3379061909-3612515523-1004Core.job [2013.05.23 17:51:10 | 000,000,600 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\winscp.rnd [2013.05.23 16:57:57 | 000,212,992 | RHS- | M] () -- C:\WINDOWS\System32\msvcrt7.dll [2013.05.22 14:18:47 | 000,000,226 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\li.html [2013.05.21 19:31:06 | 000,000,840 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint.NET.lnk [2013.05.19 11:06:08 | 000,000,701 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\klap.html [2013.05.17 15:44:29 | 000,000,210 | -HS- | M] () -- C:\boot.ini [2013.05.17 13:45:17 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013.05.17 13:45:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013.05.16 14:46:07 | 000,068,440 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat [2013.05.16 10:42:23 | 000,320,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.05.15 23:52:54 | 000,518,600 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.05.15 23:52:54 | 000,496,448 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.05.15 23:52:54 | 000,099,740 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.05.15 23:52:54 | 000,083,770 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.05.15 23:49:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013.05.14 20:49:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI [2013.05.11 16:49:41 | 000,712,898 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\12-12-05-ov-hsp-21-4c-hd.pdf [2013.05.10 10:29:06 | 000,019,254 | ---- | M] () -- C:\Dokumente und 
Einstellungen\***\Desktop\mit.bmp [2013.05.07 06:27:17 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2013.05.04 16:29:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013.05.03 13:14:00 | 000,000,515 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Verknüpfung mit fertig.lnk [2013.05.03 13:13:04 | 000,042,951 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\012429e28e0cc0bc2d396a0560a21144.jpg [2013.05.01 09:17:35 | 000,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.ind [2013.04.29 22:43:18 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Maxsea.ini [2013.04.29 22:40:53 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Arcs&SeafarerConfig.INI [2013.04.29 22:39:40 | 000,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.nlp [2013.04.29 22:37:52 | 000,000,040 | ---- | M] () -- C:\WINDOWS\Crypkey.ini [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.24 19:56:51 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\MBR.dat [2013.05.24 18:11:57 | 000,035,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [2013.05.23 16:57:58 | 000,000,320 | ---- | C] () -- C:\WINDOWS\tasks\Lpxincengj.job [2013.05.23 16:57:57 | 000,212,992 | RHS- | C] () -- C:\WINDOWS\System32\msvcrt7.dll [2013.05.22 11:59:05 | 000,000,226 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\li.html [2013.05.21 19:31:06 | 000,000,846 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Paint.NET.lnk [2013.05.21 19:31:06 | 000,000,840 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint.NET.lnk [2013.05.19 09:58:11 | 000,000,701 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\klap.html [2013.05.14 20:49:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI 
[2013.05.13 20:43:25 | 000,002,169 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Safari.lnk [2013.05.11 16:49:33 | 000,712,898 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\12-12-05-ov-hsp-21-4c-hd.pdf [2013.05.10 10:26:07 | 000,019,254 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\mit.bmp [2013.05.03 13:14:00 | 000,000,515 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Verknüpfung mit fertig.lnk [2013.05.03 13:12:07 | 000,042,951 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\012429e28e0cc0bc2d396a0560a21144.jpg [2013.04.29 22:40:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Arcs&SeafarerConfig.INI [2013.04.29 22:39:40 | 000,001,680 | ---- | C] () -- C:\WINDOWS\System32\esnecil.nlp [2013.04.29 22:39:40 | 000,001,680 | ---- | C] () -- C:\WINDOWS\System32\esnecil.ind [2013.04.29 22:38:00 | 000,000,392 | ---- | C] () -- C:\WINDOWS\Maxsea.ini [2013.04.29 22:37:52 | 000,000,040 | ---- | C] () -- C:\WINDOWS\Crypkey.ini [2013.04.29 22:37:50 | 000,027,648 | R--- | C] () -- C:\WINDOWS\Setup_ck.exe [2013.04.29 22:37:50 | 000,024,608 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys [2013.04.29 22:37:50 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll [2013.04.29 22:37:50 | 000,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe [2013.02.01 10:04:24 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2013.02.01 10:02:59 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\TAKDSDecoder.dll [2012.09.21 21:08:36 | 010,919,784 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll [2012.09.21 21:08:36 | 000,338,136 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll [2012.09.21 21:08:36 | 000,103,272 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe [2012.07.29 11:56:44 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\test.sql [2012.07.19 14:18:05 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\datedll.dll [2012.07.19 14:18:04 | 000,086,016 | 
---- | C] () -- C:\WINDOWS\System32\mutils40.dll [2012.06.21 16:36:05 | 000,001,281 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.recently-used.xbel [2012.05.22 17:38:15 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini [2012.03.20 12:03:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.02.16 12:19:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.11.26 16:22:59 | 000,262,242 | ---- | C] () -- C:\WINDOWS\System32\S5Lan++_V110.bin [2011.11.26 16:22:59 | 000,131,170 | ---- | C] () -- C:\WINDOWS\System32\S5Lan_V72.bin [2011.11.26 16:22:59 | 000,116,576 | ---- | C] () -- C:\WINDOWS\System32\IBHNETST_eng.dll [2011.11.26 16:22:59 | 000,083,808 | ---- | C] () -- C:\WINDOWS\System32\IBH_NETPDL_eng.dll [2011.11.26 16:22:58 | 000,132,960 | ---- | C] () -- C:\WINDOWS\System32\IBHLink_eng.dll [2011.10.07 22:30:12 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\PWiaExt.dll [2011.10.07 22:30:11 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\PSlide.dll [2011.10.07 22:30:11 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\daspi32u.dll [2011.10.07 22:30:11 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\IO_PORT.DLL [2011.10.07 22:30:11 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\FVC.DLL [2011.10.07 22:30:11 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\SQ1394.DLL [2011.10.07 22:30:11 | 000,010,624 | ---- | C] () -- C:\WINDOWS\System32\GENEUSB.SYS [2011.08.22 10:48:12 | 000,000,036 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.org.eclipse.epp.usagedata.recording.userId [2011.01.14 11:12:15 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\winscp.rnd [2010.11.18 15:04:58 | 000,000,091 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.vpsuite_installation.xml [2010.11.18 15:01:37 | 000,000,134 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.vpinstall.properties [2010.10.27 13:12:04 | 000,000,600 | ---- | C] () -- C:\Dokumente und 
Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND [2010.05.23 13:25:10 | 000,051,200 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.04.21 23:02:28 | 000,000,147 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2010.04.11 23:20:02 | 000,000,080 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib ========== ZeroAccess Check ========== [2010.04.21 23:01:01 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2010.12.21 00:14:52 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.08.21 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 144 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:E3E746AD @Alternate Data Stream - 133 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:29C60577 @Alternate Data Stream - 127 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:5BCD33F0 < End of report > --- --- --- OTL Logfile: OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 25.05.2013 01:22:13 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,24 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 74,93% Memory free 5,08 Gb Paging File | 4,27 Gb Available in Paging File | 83,97% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 70,62 Gb Total Space | 3,69 Gb Free Space | 5,22% Space Free | Partition Type: NTFS Drive F: | 1,83 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: *** | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [CEWE FOTOSCHAU] -- "C:\Programme\OnlineFotoservice\OnlineFotoservice\CEWE FOTOSCHAU.exe" -d "%1" () Directory [Digital Photo Professional] -- C:\Programme\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OnlineFotoservice] -- "C:\Programme\OnlineFotoservice\OnlineFotoservice\OnlineFotoservice.exe" "%1" () Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "5910:TCP" = 5910:TCP:*:Enabled:vnc5910 
"5900:TCP" = 5900:TCP:*:Enabled:vnc5900 "5800:TCP" = 5800:TCP:*:Enabled:vnc5800 "3306:TCP" = 3306:TCP:*:Enabled:MySQL Server ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "C:\Programme\scanCONTROL Configuration Tools 2.2\scanCONTROL Configuration Tools 2.2.exe" = C:\Programme\scanCONTROL Configuration Tools 2.2\scanCONTROL Configuration Tools 2.2.exe:*:Enabled:scanCONTROL Configuration Tools 2.2 -- (Micro-Epsilon Messtechnik GmbH & Co. KG) "C:\Programme\scanCONTROL Configuration Tools 2.2\Ethernet Configurator.exe" = C:\Programme\scanCONTROL Configuration Tools 2.2\Ethernet Configurator.exe:*:Enabled:scanCONTROL Configuration Tools 2.2 Ethernet Configurator -- (MICRO-EPSILON Optronic GmbH) "C:\Programme\scanCONTROL 3D-View 2.1\scanCONTROL 3D-View 2.1.exe" = C:\Programme\scanCONTROL 3D-View 2.1\scanCONTROL 3D-View 2.1.exe:*:Enabled:scanCONTROL 3D-View 2.1 -- (Micro-Epsilon Messtechnik GmbH & Co. KG) "C:\Programme\scanCONTROL 3D-View 2.1\Ethernet Configurator.exe" = C:\Programme\scanCONTROL 3D-View 2.1\Ethernet Configurator.exe:*:Enabled:scanCONTROL 3D-View 2.1 Ethernet Configurator -- (MICRO-EPSILON Optronic GmbH) "C:\Programme\scanCONTROL Development 1.7\Iconnect.7.0\ICONNECT.exe" = C:\Programme\scanCONTROL Development 1.7\Iconnect.7.0\ICONNECT.exe:*:Enabled:scanCONTROL Development 1.7 -- (Micro-Epsilon Messtechnik GmbH & Co. 
KG) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Dokumente und Einstellungen\***\Eigene Dateien\Borland Studio-Projekte\Project1.exe" = C:\Dokumente und Einstellungen\***\Eigene Dateien\Borland Studio-Projekte\Project1.exe:*:Enabled:Project1 -- () "D:\hochladen\Project1.exe" = D:\hochladen\Project1.exe:*:Enabled:Project1 "C:\web\xampp\apache\bin\httpd.exe" = C:\web\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server "C:\web\xampp\mysql\bin\mysqld.exe" = C:\web\xampp\mysql\bin\mysqld.exe:*:Enabled:The MySQL Server "C:\delphi\projekte\Ostendorf Kunststoffe\werk 2\programme\watchdog\controll.exe" = C:\delphi\projekte\Ostendorf Kunststoffe\werk 2\programme\watchdog\controll.exe:*:Enabled:controll "C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\eclipse\eclipse.exe" = C:\Programme\eclipse\eclipse.exe:*:Enabled:eclipse -- () "C:\Programme\RealVNC\VNC4\vncviewer.exe" = C:\Programme\RealVNC\VNC4\vncviewer.exe:*:Enabled:VNC Viewer Free Edition for Win32 -- (RealVNC Ltd.) "C:\Dokumente und Einstellungen\***\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\***\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) 
"C:\Programme\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" = C:\Programme\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe:*:Enabled:VLC Streamer "C:\Programme\Hobbyist Software\VLC Streamer\mdnsresponder.exe" = C:\Programme\Hobbyist Software\VLC Streamer\mdnsresponder.exe:*:Enabled:VLC Streamer Bonjour Service "C:\Programme\Maple 14\jre\bin\maple.exe" = C:\Programme\Maple 14\jre\bin\maple.exe:*:Enabled:Maple 14 "C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.) "C:\WINDOWS\system32\IBHLink.exe" = C:\WINDOWS\system32\IBHLink.exe:*:Enabled:IBHLink Einstellungen -- (IBH softec Gesellschaft für Automatisierungstechnik mbH Turmstrasse 77 D-64743 Beerfelden / Odw. hxxp://www.ibhsoftec.de ) "C:\Programme\Unreal\System\UnrealTournament.exe" = C:\Programme\Unreal\System\UnrealTournament.exe:*:Enabled:UnrealTournament "C:\Programme\Unreal\GTA 2 2\gta2.exe" = C:\Programme\Unreal\GTA 2 2\gta2.exe:*:Enabled:GTA2 main executable "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen -- (Microsoft Corporation) "C:\Programme\WHS ProStation\WHS ProStation.exe" = C:\Programme\WHS ProStation\WHS ProStation.exe:*:Enabled:WHS ProStation "C:\Programme\scanCONTROL Configuration Tools 2.2\scanCONTROL Configuration Tools 2.2.exe" = C:\Programme\scanCONTROL Configuration Tools 2.2\scanCONTROL Configuration Tools 2.2.exe:*:Enabled:scanCONTROL Configuration Tools 2.2 -- (Micro-Epsilon Messtechnik GmbH & Co. 
KG) "C:\Programme\scanCONTROL Configuration Tools 2.2\Ethernet Configurator.exe" = C:\Programme\scanCONTROL Configuration Tools 2.2\Ethernet Configurator.exe:*:Enabled:scanCONTROL Configuration Tools 2.2 Ethernet Configurator -- (MICRO-EPSILON Optronic GmbH) "C:\Programme\scanCONTROL 3D-View 2.1\scanCONTROL 3D-View 2.1.exe" = C:\Programme\scanCONTROL 3D-View 2.1\scanCONTROL 3D-View 2.1.exe:*:Enabled:scanCONTROL 3D-View 2.1 -- (Micro-Epsilon Messtechnik GmbH & Co. KG) "C:\Programme\scanCONTROL 3D-View 2.1\Ethernet Configurator.exe" = C:\Programme\scanCONTROL 3D-View 2.1\Ethernet Configurator.exe:*:Enabled:scanCONTROL 3D-View 2.1 Ethernet Configurator -- (MICRO-EPSILON Optronic GmbH) "C:\Programme\scanCONTROL Development 1.7\Iconnect.7.0\ICONNECT.exe" = C:\Programme\scanCONTROL Development 1.7\Iconnect.7.0\ICONNECT.exe:*:Enabled:scanCONTROL Development 1.7 -- (Micro-Epsilon Messtechnik GmbH & Co. KG) "C:\Dokumente und Einstellungen\***\Anwendungsdaten\Wuala\Roaming\Wuala.exe" = C:\Dokumente und Einstellungen\***\Anwendungsdaten\Wuala\Roaming\Wuala.exe:*:Enabled:Wuala "C:\Dokumente und Einstellungen\***\Eigene Dateien\Borland Studio-Projekte\Project2.exe" = C:\Dokumente und Einstellungen\***\Eigene Dateien\Borland Studio-Projekte\Project2.exe:*:Enabled:Project2 -- () "C:\Dropbox\delphi\projekte\Airbus\Kommunikation\server\servertest.exe" = C:\Dropbox\delphi\projekte\Airbus\Kommunikation\server\servertest.exe:*:Enabled:servertest "\\192.168.1.44\pag\pag_vermessung.exe" = \\192.168.1.44\pag\pag_vermessung.exe:*:Enabled:pag_vermessung.exe "\\192.168.18.44\pag\pag_vermessung.exe" = \\192.168.18.44\pag\pag_vermessung.exe:*:Enabled:pag_vermessung.exe "C:\Dropbox\delphi\projekte\Airbus\vermessung\v5p9\pag_vermessung.exe" = C:\Dropbox\delphi\projekte\Airbus\vermessung\v5p9\pag_vermessung.exe:*:Enabled:pag_vermessung -- () "\\192.168.18.44\pag_software\pag_vermessung.exe" = \\192.168.18.44\pag_software\pag_vermessung.exe:*:Enabled:pag_vermessung.exe 
"C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p0\pag_vermessung.exe" = C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p0\pag_vermessung.exe:*:Enabled:pag_vermessung -- () "C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p1\pag_vermessung.exe" = C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p1\pag_vermessung.exe:*:Enabled:pag_vermessung -- () "C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p2\pag_vermessung.exe" = C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p2\pag_vermessung.exe:*:Enabled:pag_vermessung -- () "C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\OraInstall2012-11-06_12-38-05PM\jdk\jre\bin\javaw.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\OraInstall2012-11-06_12-38-05PM\jdk\jre\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary "C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p7\pag_vermessung.exe" = C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p7\pag_vermessung.exe:*:Enabled:pag_vermessung -- () "C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p8\pag_vermessung.exe" = C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p8\pag_vermessung.exe:*:Enabled:pag_vermessung -- () "C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p9\pag_vermessung.exe" = C:\Dropbox\delphi\projekte\Airbus\vermessung\v6p9\pag_vermessung.exe:*:Enabled:pag_vermessung -- () "C:\Dropbox\delphi\projekte\Airbus\vermessung\v7p1\pag_vermessung.exe" = C:\Dropbox\delphi\projekte\Airbus\vermessung\v7p1\pag_vermessung.exe:*:Enabled:pag_vermessung -- () "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) 
"C:\Programme\uvnc bvba\UltraVNC\vncviewer.exe" = C:\Programme\uvnc bvba\UltraVNC\vncviewer.exe:*:Enabled:vncviewer.exe -- (UltraVNC) "\\192.168.255.44\pag_software\pag_vermessung.exe" = \\192.168.255.44\pag_software\pag_vermessung.exe:*:Disabled:pag_vermessung.exe "C:\Dokumente und Einstellungen\***\Eigene Dateien\Borland Studio-Projekte\Project3.exe" = C:\Dokumente und Einstellungen\***\Eigene Dateien\Borland Studio-Projekte\Project3.exe:*:Enabled:Project3 -- () "C:\Dropbox\delphi\sonstiges\webinterface\web.exe" = C:\Dropbox\delphi\sonstiges\webinterface\web.exe:*:Enabled:web -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0402D28F-B9B7-4983-93FC-DBF673736D3F}" = Google Web Toolkit Developer Plugin for IE (x86) "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{176130BC-99A1-41FE-A78B-56045E33AD70}" = Cisco Systems VPN Client 4.8.02.0010 "{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1 "{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes "{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83216045FF}" = Java(TM) 6 Update 45 "{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15 "{2D504804-E9D3-4457-8768-B9AA0ABB69DC}" = SolidWorks eDrawings 2013 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{32A3A4F4-B792-11D6-A78A-00B0D0160450}" = Java(TM) SE Development Kit 6 Update 45 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile 
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support "{48CA752D-6147-4DAC-A98F-B8803037F336}" = S57W "{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU "{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C91729F-1C79-43CD-8614-170E1ECBA5A5}" = MaxSea v10.1.3.2 "{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10 "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01) "{59996900-0E6C-45B7-8C39-C64CB98462E4}" = Microsoft Web Platform Installer 2.0 "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{63E921D9-799A-44F9-A742-DE3DC968AFEF}" = Microsoft .NET Framework SDK (German) 1.1 "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK "{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7A46B192-2B49-42C2-8EB2-28890A0D0DC5}" = ActivePerl 5.6.1 Build 633 "{7ED5371F-F4EA-48F9-B8F7-C8777AD9DF69}" = Borland Developer Studio 2006 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight 
"{8EAC192B-1E5B-4276-A2D8-59A303ECD2DE}" = Visual J# .NET Redistributable 1.1- German Language Pack "{8F311E92-C29F-4DF9-8259-B739A1831669}_is1" = SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel "{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{98C61F22-8B4F-416E-A4BF-54FCC10509E0}" = C-Map PCMCIA and USB drivers "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4 1.3 "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B64B1EE7-8C59-45C4-8F47-3D91E33143FB}" = IBH_Net "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D6FC1D0B-791D-466E-B723-0F86938EFB4B}" = SketchUp Pro 8 "{DC9D88DA-1312-460D-8256-020262D0CF3D}" = MySQL Server 5.0 "{E1E58954-D885-44E7-B8C2-F0E9A6DA1652}" = O2Micro Flash Memory Card Windows 
Driver "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{EB2D81F7-2F55-49BF-95B1-05FE87603D05}" = FastCGI 1.5 (x86) RTW "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FAEE61D3-2A5E-4F7F-926F-77AAC08CE4DD}" = Sentinel System Driver Installer 7.5.0 "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "Avidemux 2.6" = Avidemux 2.6 (32-bit) "Avira AntiVir Desktop" = Avira Free Antivirus "BBAD1A7054D7B16ED03E62627C123F5CBA70A4E7" = Windows Driver Package - Intel (NETw3x32) net (09/27/2006 10.5.1.68) "CamStudio" = CamStudio "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Canon MOV Decoder" = Canon MOV Decoder "Canon MOV Encoder" = Canon MOV Encoder "ComDrvS76.21" = ComDrvS7 "D16AA00FE65B9D2C6E0A57F54400303BF3259CC3" = Windows Driver Package - Intel (w29n51) net (06/26/2006 9.0.4.17) "DAEMON Tools Lite" = DAEMON Tools Lite "Debenu Quick PDF Library Lite" = Debenu Quick PDF Library Lite "DPP" = Canon Utilities Digital Photo Professional 3.8 "DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei) "ElsterFormular für Privatanwender und Unternehmer 12.1.1.6214k" = ElsterFormular-Upgrade "EOS Utility" = Canon Utilities EOS Utility "FileZilla Client" = FileZilla Client 3.5.3 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free Video Flip and Rotate_is1" = Free Video Flip and 
Rotate version 2.1.6.128 "FXCC - MetaTrader 4" = FXCC - MetaTrader 4 "GamesCenter" = GamesCenter "GExpertsBDS2006_is1" = GExperts for BDS 2006 "Google Desktop" = Google Desktop "HDMI" = Intel(R) Graphics Media Accelerator Driver "HeidiSQL_is1" = HeidiSQL 7.0.0.4218 "ie8" = Windows Internet Explorer 8 "InstallShield_{4C91729F-1C79-43CD-8614-170E1ECBA5A5}" = MaxSea v10.1.3.2 "InstallShield_{98C61F22-8B4F-416E-A4BF-54FCC10509E0}" = C-Map PCMCIA and USB drivers "InstallShield_{E1E58954-D885-44E7-B8C2-F0E9A6DA1652}" = O2Micro Flash Memory Card Windows Driver "LarrysAnyTextFileIndexer" = Larry's Any Text File Indexer "LarrysHelpFileIndexer" = Larry's Help File Indexer "LarrysOpenOfficeandStarOfficeIndexer" = Larry's OpenOffice and StarOffice Indexer "madCollection" = madshi's madCollection "Mazaika_is1" = Mazaika 3.3 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU "Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Notepad++" = Notepad++ "OnlineFotoservice" = OnlineFotoservice "Original Data Security Tools" = Canon Utilities Original Data Security Tools "PhotoStitch" = Canon Utilities PhotoStitch "Picasa 3" = Picasa 3 "Picture Style Editor" = Canon Utilities Picture Style Editor "Rainbow Sentinel Driver" = Sentinel System Driver "Redirection Port Monitor" = RedMon - Redirection Port Monitor "scanCONTROL 3D-View 2.1" = scanCONTROL 3D-View 2.1 
"scanCONTROL Configuration Tools 2.2" = scanCONTROL Configuration Tools 2.2 "scanCONTROL Development 1.7" = scanCONTROL Development 1.7 "Slide_a6b15839b9912ebd11de5b7fef5d4a199b4eb430" = Windows Driver Package - Multiple Slides Scanner Vendor (scsiscan) Image 10/22/2002 1.1.1 "Ultravnc2_is1" = UltraVnc "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.1.6 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WFTK" = Canon Utilities WFT Utility "WinMerge_is1" = WinMerge 2.12.4 "WinRAR archiver" = WinRAR "winscp3_is1" = WinSCP 5.1.4 "XnView_is1" = XnView 2.00 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 16.05.2013 08:46:10 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung webkit2webprocess.exe, Version 7534.57.2.4, fehlgeschlagenes Modul coregraphics.dll, Version 1.87.0.0, Fehleradresse 0x00096d9e. Error - 16.05.2013 08:46:14 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung webkit2webprocess.exe, Version 7534.57.2.4, fehlgeschlagenes Modul coregraphics.dll, Version 1.87.0.0, Fehleradresse 0x00096d9e. Error - 16.05.2013 08:46:29 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung webkit2webprocess.exe, Version 7534.57.2.4, fehlgeschlagenes Modul coregraphics.dll, Version 1.87.0.0, Fehleradresse 0x000a6780. 
Error - 16.05.2013 08:47:02 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung webkit2webprocess.exe, Version 7534.57.2.4, fehlgeschlagenes Modul coregraphics.dll, Version 1.87.0.0, Fehleradresse 0x00096d9e. Error - 20.05.2013 16:03:03 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 20.05.2013 16:03:03 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 11301969 Error - 20.05.2013 16:03:03 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 11301969 Error - 24.05.2013 18:49:35 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 24.05.2013 18:49:35 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 17488688 Error - 24.05.2013 18:49:35 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 17488688 [ Application Events ] Error - 16.05.2013 08:46:10 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung webkit2webprocess.exe, Version 7534.57.2.4, fehlgeschlagenes Modul coregraphics.dll, Version 1.87.0.0, Fehleradresse 0x00096d9e. Error - 16.05.2013 08:46:14 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung webkit2webprocess.exe, Version 7534.57.2.4, fehlgeschlagenes Modul coregraphics.dll, Version 1.87.0.0, Fehleradresse 0x00096d9e. 
Error - 16.05.2013 08:46:29 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung webkit2webprocess.exe, Version 7534.57.2.4, fehlgeschlagenes Modul coregraphics.dll, Version 1.87.0.0, Fehleradresse 0x000a6780. Error - 16.05.2013 08:47:02 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung webkit2webprocess.exe, Version 7534.57.2.4, fehlgeschlagenes Modul coregraphics.dll, Version 1.87.0.0, Fehleradresse 0x00096d9e. Error - 20.05.2013 16:03:03 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 20.05.2013 16:03:03 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 11301969 Error - 20.05.2013 16:03:03 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 11301969 Error - 24.05.2013 18:49:35 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 24.05.2013 18:49:35 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 17488688 Error - 24.05.2013 18:49:35 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 17488688 [ System Events ] Error - 24.05.2013 03:21:06 | Computer Name = *** | Source = Dhcp | ID = 1000 Description = Die Lease dieses Computers zu der IP-Adresse 134.106.110.132 über die Netzwerkkarte mit der Netzwerkadresse 0018DE6BB26B ist verloren gegangen. Error - 24.05.2013 06:05:41 | Computer Name = *** | Source = SRService | ID = 104 Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen. 
Error - 24.05.2013 06:07:01 | Computer Name = *** | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sr Error - 24.05.2013 06:07:01 | Computer Name = *** | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Filtertreiber für Systemwiederherstellung" wurde aufgrund folgenden Fehlers nicht gestartet: %%2001 Error - 24.05.2013 06:07:01 | Computer Name = *** | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler beendet: %%2 Error - 24.05.2013 06:58:42 | Computer Name = *** | Source = Dhcp | ID = 1000 Description = Die Lease dieses Computers zu der IP-Adresse 134.106.110.132 über die Netzwerkkarte mit der Netzwerkadresse 0018DE6BB26B ist verloren gegangen. Error - 24.05.2013 09:13:33 | Computer Name = *** | Source = SRService | ID = 104 Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen. Error - 24.05.2013 09:14:48 | Computer Name = *** | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sr Error - 24.05.2013 09:14:48 | Computer Name = *** | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Filtertreiber für Systemwiederherstellung" wurde aufgrund folgenden Fehlers nicht gestartet: %%2001 Error - 24.05.2013 09:14:48 | Computer Name = *** | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler beendet: %%2 < End of report > --- --- --- |
25.05.2013, 00:35 | #4 |
/// TB-Ausbilder | Search engine redirect to advertising pages The ARK tools were probably a bit of overkill after all. Step 1 Fix with OTL
Code:
:OTL
[2013.05.23 16:57:58 | 000,000,320 | ---- | C] () -- C:\WINDOWS\tasks\Lpxincengj.job
[2013.05.23 16:57:57 | 000,212,992 | RHS- | C] () -- C:\WINDOWS\System32\msvcrt7.dll
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=gppc
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{6F76E322-963F-40B0-BC8C-3BA7492A080B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=C0FC9B7B-C98A-4E4F-B31B-7D0BAEBFE917&apn_sauid=29458968-044E-41D7-BE23-72CA9C4235F3
:commands
[emptytemp]
Step 2 Please download AdwCleaner to your desktop.
Step 3 Please start OTL.exe.
Please post in your next reply:
__________________ cheers, Leo |
25.05.2013, 00:54 | #5 |
| Search engine redirect to advertising pages Fixlog from OTL Code:
ATTFilter All processes killed ========== OTL ========== C:\WINDOWS\tasks\Lpxincengj.job moved successfully. C:\WINDOWS\system32\msvcrt7.dll moved successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6F76E322-963F-40B0-BC8C-3BA7492A080B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F76E322-963F-40B0-BC8C-3BA7492A080B}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32768 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: guest ->Temp folder emptied: 636887 bytes ->Temporary Internet Files folder emptied: 464539 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 26549563 bytes ->Flash cache emptied: 489 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 281175 bytes User: *** ->Temp folder emptied: 3167507066 bytes ->Temporary Internet Files folder emptied: 637445237 bytes ->Java cache emptied: 9452562 bytes ->FireFox cache emptied: 63834562 bytes ->Google Chrome cache emptied: 226186718 bytes ->Apple Safari cache emptied: 4446208 bytes ->Flash cache emptied: 12818971 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 153292230 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 90112 bytes %systemroot%\System32 .tmp files removed: 2951 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files 
removed: 0 bytes Windows Temp folder emptied: 95187613 bytes RecycleBin emptied: 50538985 bytes Total Files Cleaned = 4.243,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05252013_013807 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot... AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.301 - Datei am 25/05/2013 um 01:44:53 erstellt # Aktualisiert am 16/05/2013 von Xplode # Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits) # Benutzer : *** - *** # Bootmodus : Normal # Ausgeführt unter : C:\downloads\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Programme\Mozilla Firefox\searchplugins\fcmdSrch.xml Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ask Ordner Gelöscht : C:\Dokumente und Einstellungen\***\Anwendungsdaten\dvdvideosoftiehelpers ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\Iminent Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Schlüssel Gelöscht : HKLM\Software\Iminent Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [Internet Browser] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v21.0 (de) Datei : C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\v4wqot01.default-1369394344187\prefs.js [OK] Die Datei ist sauber. 
-\\ Google Chrome v26.0.1410.64
Datei : C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.49] : icon_url = "hxxp://www.ask.com/favicon.ico",
Gelöscht [l.52] : keyword = "ask.com",
Gelöscht [l.56] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=C0[...]
Gelöscht [l.57] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]
Gelöscht [l.2270] : homepage = "hxxp://start.facemoods.com/?a=gppc",
*************************
AdwCleaner[S1].txt - [8504 octets] - [25/05/2013 01:44:53]
########## EOF - C:\AdwCleaner[S1].txt - [8564 octets] ##########
Log from OTL
OTL Logfile:
Code:
ATTFilter OTL logfile created on: 25.05.2013 01:48:17 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,24 Gb Total Physical Memory | 2,54 Gb Available Physical Memory | 78,34% Memory free 5,08 Gb Paging File | 4,47 Gb Available in Paging File | 87,96% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 70,62 Gb Total Space | 7,87 Gb Free Space | 11,15% Space Free | Partition Type: NTFS Drive F: | 1,83 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: *** | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Dropbox\delphi\projekte\RML\PC Laufzeit\laufzeit.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\oracle\***\product\11.2.0\dbhome_1\BIN\omtsreco.exe (Oracle Corporation) PRC - C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems) PRC - C:\WINDOWS\system32\o2flash.exe (O2Micro International) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\Crypserv.exe (Kenonic Controls Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Dropbox\delphi\projekte\RML\PC Laufzeit\laufzeit.exe () MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll () MOD - C:\oracle\***\product\11.2.0\dbhome_1\BIN\oraperf11.dll () MOD - C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe () MOD - C:\Programme\MySQL\MySQL Server 5.0\bin\libmySQL.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\system32\vpnapi.dll () MOD - C:\WINDOWS\system32\redmonnt.dll () MOD - C:\WINDOWS\system32\pdfcmnnt.dll () ========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. 
KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Rfc2IBHLink) -- C:\WINDOWS\system32\Rfc2IBHLink.exe (IBH softec Gesellschaft für Automatisierungstechnik mbH Turmstrasse 77 D-64743 Beerfelden / Odw. hxxp://www.ibhsoftec.de ) SRV - (OracleMTSRecoveryService) -- C:\oracle\***\product\11.2.0\dbhome_1\bin\omtsreco.exe (Oracle Corporation) SRV - (OracleOraDb11g_home1ClrAgent) -- C:\oracle\***\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe (Oracle Corporation) SRV - (MySQL) -- C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe () SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems) SRV - (O2Flash) -- C:\WINDOWS\system32\o2flash.exe (O2Micro International) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) SRV - (Crypkey License) -- C:\WINDOWS\System32\Crypserv.exe (Kenonic Controls Ltd.) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (sentemul) -- C:\WINDOWS\system32\drivers\sentemul.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (LVUVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.) 
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH) DRV - (Netaapl) -- C:\WINDOWS\system32\drivers\netaapl.sys (Apple Inc.) DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (PSSDKLBF) -- C:\WINDOWS\system32\drivers\pssdklbf.sys (microOLAP Technologies LTD) DRV - (PSSDK42) -- C:\WINDOWS\system32\drivers\pssdk42.sys (microOLAP Technologies LTD) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (PID_0928) -- C:\WINDOWS\system32\drivers\LV561AV.SYS (Logitech Inc.) DRV - (mv2) -- C:\WINDOWS\system32\drivers\mv2.sys (UVNC BVBA) DRV - (Udfs) -- C:\WINDOWS\System32\drivers\udfs.sys () DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec) DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems) DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (O2SDRDR) -- C:\WINDOWS\system32\drivers\o2sd.sys (O2Micro ) DRV - (O2MDRDR) -- C:\WINDOWS\system32\drivers\o2media.sys (O2Micro ) DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (OZSCR) -- C:\WINDOWS\system32\drivers\ozscr.sys (O2Micro) DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC) DRV - (FUJ02E3) -- C:\WINDOWS\system32\drivers\fuj02e3.sys (FUJITSU LIMITED) DRV - (Sentinel) -- C:\WINDOWS\system32\drivers\SENTINEL.SYS (Rainbow Technologies, Inc.) DRV - (Sntnlusb) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS (Rainbow Technologies Inc.) 
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC) DRV - (FUJ02B1) -- C:\WINDOWS\system32\drivers\fuj02b1.sys (FUJITSU LIMITED) DRV - (NetworkX) -- C:\WINDOWS\system32\Ckldrv.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-641613935-3379061909-3612515523-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-641613935-3379061909-3612515523-1004\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-641613935-3379061909-3612515523-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-641613935-3379061909-3612515523-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-641613935-3379061909-3612515523-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-641613935-3379061909-3612515523-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - 
HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npdeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.0: C:\Programme\Microsoft\Web Platform Installer\\npwpidetector.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gamescenter@gamescenter.com: C:\Programme\GamesCenter\GamesCenter.xpi [2013.02.01 10:03:00 | 000,037,470 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.05.24 10:31:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.24 10:31:41 | 000,000,000 | ---D | M] [2010.04.06 12:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2013.05.24 10:31:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.05.24 10:31:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2013.05.24 10:31:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.05.24 10:31:47 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.03.08 00:29:38 | 000,244,736 | ---- | M] (Dassault Systèmes SolidWorks Corp.) 
-- C:\Programme\mozilla firefox\plugins\npEModelPlugin.dll ========== Chrome ========== CHR - default_search_provider: Ask (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\26.0.1410.64\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: GWT DMP Plugin (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim\1.0.9738_0\WINNT_x86-msvc/npGwtDevPlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 
7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: NPCIG.dll (Enabled) = C:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll CHR - plugin: Picasa (Enabled) = C:\Programme\Google\Picasa3\npPicasa3.dll CHR - plugin: WPI Detector 1.1 (Enabled) = C:\Programme\Microsoft\Web Platform Installer\\npwpidetector.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Programme\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Programme\Veetle\plugins\npVeetle.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: Google Drive = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\***\Lokale 
Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Games Center = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dehjbbcmklelglapfndfbomoaooippkb\1.0_1\ CHR - Extension: GWT Developer Plugin = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim\1.0.11338_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2008.08.21 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - Startup: C:\Dokumente und Einstellungen\guest\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\laufzeit.lnk = C:\Dropbox\delphi\projekte\RML\PC Laufzeit\laufzeit.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-641613935-3379061909-3612515523-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45) O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.7.0_15) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.255.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55CFB9DD-BD76-46DF-9437-953FDAC44774}: DhcpNameServer = 192.168.255.254 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - 
(C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2003.02.11 09:08:34 | 000,000,045 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{dc2ef15f-6e86-11e1-8301-0018de6bb26b}\Shell - "" = AutoRun O33 - MountPoints2\{dc2ef15f-6e86-11e1-8301-0018de6bb26b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{dc2ef15f-6e86-11e1-8301-0018de6bb26b}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{f18f320e-c96b-11df-8246-0018de6bb26b}\Shell - "" = AutoRun O33 - MountPoints2\{f18f320e-c96b-11df-8246-0018de6bb26b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{f18f320e-c96b-11df-8246-0018de6bb26b}\Shell\AutoRun\command - "" = "D:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.05.25 01:38:07 | 000,000,000 | ---D | C] -- C:\_OTL [2013.05.24 18:11:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2013.05.24 13:20:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads [2013.05.24 13:19:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Alte Firefox-Daten [2013.05.24 10:31:40 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla 
Firefox [2013.05.21 19:30:57 | 000,000,000 | ---D | C] -- C:\Programme\Paint.NET [2013.05.21 19:30:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Paint.NET [2013.05.21 12:36:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\XnView [2013.05.21 12:36:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\XnView [2013.05.21 12:36:36 | 000,000,000 | ---D | C] -- C:\Programme\XnView [2013.05.17 13:23:19 | 000,000,000 | ---D | C] -- C:\Programme\Western Digital Corporation [2013.05.16 13:07:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GExperts [2013.05.16 13:06:52 | 000,000,000 | ---D | C] -- C:\Programme\GExperts for BDS 2006 [2013.05.16 13:06:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\GExperts for BDS 2006 [2013.05.15 19:57:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Notepad++ [2013.05.15 19:57:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Notepad++ [2013.05.15 19:57:22 | 000,000,000 | ---D | C] -- C:\Programme\Notepad++ [2013.05.15 19:57:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Notepad++ [2013.05.14 20:53:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\EDrawings [2013.05.14 20:49:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SolidWorks 2013 [2013.05.14 20:49:42 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\eDrawings2013 [2013.05.13 20:43:18 | 000,000,000 | ---D | C] -- C:\Programme\Safari [2013.05.11 19:29:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\meyer [2013.05.07 15:49:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\workspace [2013.05.07 15:03:33 | 000,000,000 | ---D | C] -- 
C:\Dokumente und Einstellungen\***\Desktop\Studie [2013.05.06 21:54:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\me [2013.05.02 11:27:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Oracle SQL Developer Data Modeler [2013.04.29 22:41:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Sentinel Emulator [2013.04.29 22:41:34 | 000,000,000 | ---D | C] -- C:\Programme\SentEmul [2013.04.29 22:38:38 | 000,020,000 | ---- | C] (C-Map) -- C:\WINDOWS\System32\drivers\cmapusb.sys [2013.04.29 22:38:37 | 000,018,013 | ---- | C] (C-Map) -- C:\WINDOWS\System32\drivers\cmap_pc2.sys [2013.04.29 22:38:37 | 000,016,088 | ---- | C] (C-Map) -- C:\WINDOWS\System32\drivers\cmapldr.sys [2013.04.29 22:38:37 | 000,000,000 | ---D | C] -- C:\Programme\C-Map [2013.04.29 22:37:53 | 000,192,512 | ---- | C] (C-Map Russia) -- C:\WINDOWS\System32\CMGBase.dll [2013.04.29 22:37:50 | 000,165,888 | ---- | C] (Kenonic Controls) -- C:\WINDOWS\Ckconfig.exe [2013.04.29 22:37:50 | 000,052,224 | ---- | C] (Kenonic Controls Ltd.) -- C:\WINDOWS\System32\Crypserv.exe [2013.04.29 22:37:48 | 000,026,120 | ---- | C] (Rainbow Technologies Inc.) 
-- C:\WINDOWS\System32\drivers\SNTNLUSB.SYS [2013.04.29 22:37:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RNBOSENT [2013.04.29 22:37:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MaxSea Dienstprogramme [2013.04.29 22:37:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Drivers [2013.04.29 22:36:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Polar [2013.04.29 22:36:25 | 000,000,000 | ---D | C] -- C:\Programme\I&M [2013.04.25 13:23:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\SQL Developer [2013.04.25 13:22:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Oracle SQL Developer Data Modeler [2013.04.25 13:05:02 | 000,000,000 | ---D | C] -- C:\Programme\Sun [2013.04.25 12:53:11 | 000,000,000 | ---D | C] -- C:\Programme\WinSCP [2013.04.25 12:53:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WinSCP ========== Files - Modified Within 30 Days ========== [2013.05.25 01:47:12 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.05.25 01:46:45 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.05.25 01:46:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.05.25 01:46:39 | 3479,162,880 | -HS- | M] () -- C:\hiberfil.sys [2013.05.25 01:44:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.05.25 01:38:09 | 000,518,600 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.05.25 01:38:09 | 000,496,448 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.05.25 01:38:09 | 000,099,740 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.05.25 01:38:09 | 000,083,770 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.05.25 01:29:00 | 000,001,246 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-641613935-3379061909-3612515523-1004UA.job [2013.05.25 01:19:00 | 
000,001,106 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.05.24 19:56:51 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\MBR.dat [2013.05.24 09:29:00 | 000,001,194 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-641613935-3379061909-3612515523-1004Core.job [2013.05.23 17:51:10 | 000,000,600 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\winscp.rnd [2013.05.22 14:18:47 | 000,000,226 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\li.html [2013.05.21 19:31:06 | 000,000,840 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint.NET.lnk [2013.05.19 11:06:08 | 000,000,701 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\klap.html [2013.05.17 15:44:29 | 000,000,210 | -HS- | M] () -- C:\boot.ini [2013.05.17 13:45:17 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013.05.17 13:45:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013.05.16 14:46:07 | 000,068,440 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat [2013.05.16 10:42:23 | 000,320,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.05.15 23:49:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013.05.14 20:49:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI [2013.05.11 16:49:41 | 000,712,898 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\12-12-05-ov-hsp-21-4c-hd.pdf [2013.05.10 10:29:06 | 000,019,254 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\mit.bmp [2013.05.07 06:27:17 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2013.05.04 16:29:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013.05.03 13:14:00 | 000,000,515 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Verknüpfung mit fertig.lnk [2013.05.03 13:13:04 | 
000,042,951 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\012429e28e0cc0bc2d396a0560a21144.jpg [2013.05.01 09:17:35 | 000,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.ind [2013.04.29 22:43:18 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Maxsea.ini [2013.04.29 22:40:53 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Arcs&SeafarerConfig.INI [2013.04.29 22:39:40 | 000,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.nlp [2013.04.29 22:37:52 | 000,000,040 | ---- | M] () -- C:\WINDOWS\Crypkey.ini ========== Files Created - No Company Name ========== [2013.05.24 19:56:51 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\MBR.dat [2013.05.22 11:59:05 | 000,000,226 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\li.html [2013.05.21 19:31:06 | 000,000,846 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Paint.NET.lnk [2013.05.21 19:31:06 | 000,000,840 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint.NET.lnk [2013.05.19 09:58:11 | 000,000,701 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\klap.html [2013.05.14 20:49:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI [2013.05.13 20:43:25 | 000,002,169 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Safari.lnk [2013.05.11 16:49:33 | 000,712,898 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\12-12-05-ov-hsp-21-4c-hd.pdf [2013.05.10 10:26:07 | 000,019,254 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\mit.bmp [2013.05.03 13:14:00 | 000,000,515 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Verknüpfung mit fertig.lnk [2013.05.03 13:12:07 | 000,042,951 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\012429e28e0cc0bc2d396a0560a21144.jpg [2013.04.29 22:40:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Arcs&SeafarerConfig.INI [2013.04.29 22:39:40 | 000,001,680 | ---- | C] () -- 
C:\WINDOWS\System32\esnecil.nlp [2013.04.29 22:39:40 | 000,001,680 | ---- | C] () -- C:\WINDOWS\System32\esnecil.ind [2013.04.29 22:38:00 | 000,000,392 | ---- | C] () -- C:\WINDOWS\Maxsea.ini [2013.04.29 22:37:52 | 000,000,040 | ---- | C] () -- C:\WINDOWS\Crypkey.ini [2013.04.29 22:37:50 | 000,027,648 | R--- | C] () -- C:\WINDOWS\Setup_ck.exe [2013.04.29 22:37:50 | 000,024,608 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys [2013.04.29 22:37:50 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll [2013.04.29 22:37:50 | 000,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe [2013.02.01 10:04:24 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2013.02.01 10:02:59 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\TAKDSDecoder.dll [2012.09.21 21:08:36 | 010,919,784 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll [2012.09.21 21:08:36 | 000,338,136 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll [2012.09.21 21:08:36 | 000,103,272 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe [2012.07.29 11:56:44 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\test.sql [2012.07.19 14:18:05 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\datedll.dll [2012.07.19 14:18:04 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\mutils40.dll [2012.06.21 16:36:05 | 000,001,281 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.recently-used.xbel [2012.05.22 17:38:15 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini [2012.03.20 12:03:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.02.16 12:19:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.11.26 16:22:59 | 000,262,242 | ---- | C] () -- C:\WINDOWS\System32\S5Lan++_V110.bin [2011.11.26 16:22:59 | 000,131,170 | ---- | C] () -- C:\WINDOWS\System32\S5Lan_V72.bin [2011.11.26 16:22:59 | 000,116,576 | ---- | C] () -- C:\WINDOWS\System32\IBHNETST_eng.dll [2011.11.26 16:22:59 | 000,083,808 | ---- | C] () -- 
C:\WINDOWS\System32\IBH_NETPDL_eng.dll [2011.11.26 16:22:58 | 000,132,960 | ---- | C] () -- C:\WINDOWS\System32\IBHLink_eng.dll [2011.10.07 22:30:12 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\PWiaExt.dll [2011.10.07 22:30:11 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\PSlide.dll [2011.10.07 22:30:11 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\daspi32u.dll [2011.10.07 22:30:11 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\IO_PORT.DLL [2011.10.07 22:30:11 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\FVC.DLL [2011.10.07 22:30:11 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\SQ1394.DLL [2011.10.07 22:30:11 | 000,010,624 | ---- | C] () -- C:\WINDOWS\System32\GENEUSB.SYS [2011.08.22 10:48:12 | 000,000,036 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.org.eclipse.epp.usagedata.recording.userId [2011.01.14 11:12:15 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\winscp.rnd [2010.11.18 15:04:58 | 000,000,091 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.vpsuite_installation.xml [2010.11.18 15:01:37 | 000,000,134 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.vpinstall.properties [2010.10.27 13:12:04 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND [2010.05.23 13:25:10 | 000,051,200 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.04.21 23:02:28 | 000,000,147 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2010.04.11 23:20:02 | 000,000,080 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib ========== ZeroAccess Check ========== [2010.04.21 23:01:01 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2010.12.21 00:14:52 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.08.21 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 144 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:E3E746AD @Alternate Data Stream - 133 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:29C60577 @Alternate Data Stream - 127 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:5BCD33F0 < End of report > |
25.05.2013, 00:58 | #6 |
/// TB-Ausbilder | Search engine redirect to advertising sites
Are the redirects still occurring or are they gone?
Step 1
Please download Malwarebytes Anti-Malware
Step 2
ESET Online Scanner
Step 3
Please download SecurityCheck and:
Please post in your next reply:
25.05.2013, 08:22 | #7 |
| Search engine redirect to advertising sites
The redirect is gone
Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.05.24.09
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
*** :: *** [Administrator]
Schutz: Aktiviert
25.05.2013 02:05:38
mbam-log-2013-05-25 (02-05-38).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 275193
Laufzeit: 3 Minute(n), 46 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=145e7a5ecd703c4f8dcb59a211a90d89
# engine=13907
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-25 12:52:36
# local_time=2013-05-25 02:52:36 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1799 16775165 100 99 4265 234866446 24560 0
# scanned=238911
# found=1
# cleaned=0
# scan_time=2234
sh=931221DAF34742FFD2B9087099DDC6C8B963FA53 ft=1 fh=df513262d0efc58b vn="a variant of Win32/Ponmocup.GN trojan" ac=I fn="C:\_OTL\MovedFiles\05252013_013807\C_WINDOWS\system32\msvcrt7.dll"
Code:
Results of screen317's Security Check version 0.99.63
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
JavaFX 2.1.1
Java(TM) 6 Update 45
Java 7 Update 15
Java(TM) SE Development Kit 6 Update 45
Java DB 10.6.2.1
Java version out of Date!
Adobe Flash Player 11.7.700.202
Adobe Reader XI
Mozilla Firefox (21.0)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log`````````````````````` |
25.05.2013, 12:17 | #8 |
/// TB trainer | Search engine redirect to advertising sites Great, ESET only found the responsible file, which we had already put into quarantine earlier. Now bring your Java installations up to date and we will clean up.
Step 1
Code:
sc config wscsvc start= auto /c
Step 2
Your Java is no longer up to date. Older versions contain security vulnerabilities that malware can abuse to infect a system via drive-by download. The current version is Java 7 Update 21.
So consider whether you really need a Java installation. If you want to keep using Java, then:
Then use this plugin check to verify that all the versions you use are now current, and update them otherwise.
Cleanup
Finally, we will now clear away our tools (including the quarantine folders), delete the infected system restore points and restore all settings. These steps are still important and should be carried out in the order given.
>> OK << We are done; your logs look clean to me at the moment. Below I have put together a few notes and tips that should help ensure you will not need our help again in future. Please give me brief feedback afterwards once there are no more open problems or questions on your side either, so that I can consider this topic resolved.
Epilogue: Tips, Dos & Don'ts
Keeping system and software up to date
The Windows operating system must always be fully up to date. Make sure that automatic updates are enabled:
Installed software should also always be at its latest version. This applies especially to the browser, Java, Flash Player and PDF reader, because known security vulnerabilities in their old versions are exploited to install malware via drive-by download merely by visiting a prepared website. This can even happen on normally legitimate websites if an attacker has managed to inject their code into the page, and is therefore relatively unpredictable.
Security software
A remark up front: every software solution has its weaknesses. Handing all responsibility for security over to software and expecting all-round protection would be a dangerous illusion. With careless or deliberately risky behaviour, even the best program will sooner or later fail (e.g. a virus scanner that does not detect an infected file). Nevertheless, such software is of course important and, combined with a well-maintained (up-to-date) system and considered behaviour, helps you keep your computer clean.
It is in the nature of things that the most widely used application software is also the one most frequently attacked by malware authors. Using alternative software (e.g. an alternative PDF reader) can therefore already bring a small security gain. Instead of Internet Explorer you can, for example, use Mozilla Firefox, for which there are two useful add-ons to recommend:
(Un)safe behaviour on the Internet
Besides unnoticed drive-by installations, malware is also often installed more or less actively by the user. Visiting shady websites can already carry risks. And downloads from dubious sources are always Russian roulette. Even if the virus scanner currently detects no threat in them, that does not have to mean anything.
Often there are also attempts to get the user, by more or less tricky methods, to carry out an action that is disastrous for them (umbrella term: social engineering).
Annoying adware (advertising) and unnecessary toolbars are also usually installed along with other software by the user.
General notes
Finally, a few basic remarks:
If you like, you can support the forum with a small donation. It only remains for me to wish you carefree and safe surfing, and that we do not see each other here again any time soon.
__________________ cheers, Leo |
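The check behind the opening of post #8 (ESET's only hit is the copy already moved to quarantine), written out as an added Python example that is not part of the thread. It assumes the ESET log layout shown in post #7 and treats `C:\_OTL\MovedFiles` as the quarantine root; the function names, the second detection line and the adjusted `found=` count are constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# First detection line is copied from the ESET log in post #7; the second is
# constructed (and found= set to 2 to match) to show a hit outside quarantine.
SAMPLE_LOG = r'''# scanned=238911
# found=2
# cleaned=0
sh=931221DAF34742FFD2B9087099DDC6C8B963FA53 ft=1 fh=df513262d0efc58b vn="a variant of Win32/Ponmocup.GN trojan" ac=I fn="C:\_OTL\MovedFiles\05252013_013807\C_WINDOWS\system32\msvcrt7.dll"
sh=0000000000000000000000000000000000000000 ft=1 fh=0000000000000000 vn="Constructed.Example trojan" ac=I fn="C:\WINDOWS\system32\constructed-example.dll"
'''

# Quarantine folders of the tools in use; only the OTL folder appears on the page.
QUARANTINE_ROOTS = [r"C:\_OTL\MovedFiles"]
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')  # key=value or key="quoted value"

def parse_log(text):
    """Return (summary from '# key=value' lines, list of detection dicts)."""
    summary, detections = {}, []
    for line in text.splitlines():
        if line.startswith("# ") and "=" in line:
            key, _, value = line[2:].partition("=")
            summary[key] = value
        elif "fn=" in line:
            detections.append({k: q or u for k, q, u in FIELD.findall(line)})
    return summary, detections

def is_under(path, root):
    """Case-insensitive 'path lies below root' test on Windows path components."""
    p = [s.lower() for s in PureWindowsPath(path).parts]
    r = [s.lower() for s in PureWindowsPath(root).parts]
    return len(p) > len(r) and p[:len(r)] == r

def triage(text, roots=QUARANTINE_ROOTS):
    """Split detections into already-quarantined copies and files still in place."""
    summary, detections = parse_log(text)
    if int(summary.get("found", len(detections))) != len(detections):
        raise ValueError("found= does not match the number of detection lines")
    result = {"quarantined": [], "live": []}
    for d in detections:
        bucket = "quarantined" if any(is_under(d["fn"], r) for r in roots) else "live"
        result[bucket].append((d["vn"], d["fn"]))
    return result

if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_LOG).items():
        for name, path in items:
            print(f"{bucket:12} {name}: {path}")
```

Only entries in the `live` bucket need further work; entries in `quarantined` disappear once the tool folders are removed during cleanup.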
07.06.2013, 10:44 | #9 |
/// TB trainer | Search engine redirect to advertising sites This topic appears to be resolved and will be removed from my subscriptions. I will therefore no longer receive notifications about new replies. If you need the topic again, please send me a PM and we will continue here. Everyone else, please read this guide and create your own thread.
__________________ cheers, Leo |