ZeuS/ZBot Warnung, aber bisher kein Fund

julihe · 29.05.2013, 07:56

Liebe Helfer in der Not,

mir ist schon seit längerem aufgefallen, dass mein PC extrem langsam ist - ich dachte aber, dass ich hier einfach mal aufräumen muss oder mir ein Programm besorgen muss, dass den PC wieder schneller macht. Nun habe ich ein Schreiben meines Providers erhalten mit dem Hinweis, dass mein PC (oder Laptop) mit dem Trojaner ZeusZbot infiziert sei. Daraufhin habe ich mir den Decleaner von Avira heruntergeladen, der aber nichts gefunden hat. Mein regulärer Avira-Scanner hat diese Programme kürzlich gefunden und in die Quarantäne verschoben:

TR/BUZUS.JN1118 (2xgefunden),
EXP/CVE2013-24-23,
ADWARE/Rogue.446464.2

Da ich IT-technisch nicht so firm bin und gerne sicher sein möchte, dass dieser Trojaner sich nicht auf diesem PC befindet, wende ich mich an euch, mit der Bitte um Hilfe! Hier kommen die Logfiles zu meinem PC:

OTL logfile created on: 29.05.2013 08:25:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\julia\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,59% Memory free
3,84 Gb Paging File | 2,92 Gb Available in Paging File | 76,09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 53,19 Gb Free Space | 22,84% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 149,04 Gb Total Space | 38,26 Gb Free Space | 25,67% Space Free | Partition Type: NTFS
Drive F: | 1,95 Gb Total Space | 0,78 Gb Free Space | 39,80% Space Free | Partition Type: FAT

Computer Name: JULE | User Name: julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.05.29 08:25:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\Downloads\OTL.exe
PRC - [2013.05.22 21:10:46 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2013.05.07 13:37:26 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.05.07 13:37:25 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\PROGRAM FILES\Programme\java\bin\jqs.exe
PRC - [2013.03.30 10:47:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.30 10:47:00 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.03.30 10:46:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Dropbox\bin\Dropbox.exe
PRC - [2013.03.12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2013.02.23 20:16:58 | 001,297,728 | ---- | M] (Spigot, Inc.) -- C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
PRC - [2013.02.23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2013.02.05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013.01.14 13:40:56 | 005,385,048 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\mikogo-host.exe
PRC - [2012.11.30 04:06:58 | 001,263,512 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2012.11.29 17:06:12 | 001,926,496 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
PRC - [2012.11.29 17:06:10 | 001,723,744 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
PRC - [2012.06.20 13:18:08 | 001,568,976 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011.10.24 09:53:38 | 002,565,632 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
PRC - [2011.07.20 13:37:54 | 000,206,336 | ---- | M] () -- C:\Programme\PC Beschleunigen\PCSUService.exe
PRC - [2010.11.08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
PRC - [2010.09.06 09:11:32 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 15:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2006.11.16 20:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.11.16 19:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006.10.19 14:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe

========== Modules (No Company Name) ==========

MOD - [2013.05.22 21:10:45 | 003,128,728 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2013.05.17 14:25:57 | 017,403,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b6efe2639cf6d0f305cf4cb8d0a34304\System.ServiceModel.ni.dll
MOD - [2013.05.17 14:25:37 | 001,071,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e8172ec65cbfc6cb540889acb30f44a7\System.IdentityModel.ni.dll
MOD - [2013.05.16 21:34:42 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll
MOD - [2013.03.02 10:21:22 | 000,397,704 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2013.02.14 01:44:56 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
MOD - [2013.02.14 01:44:01 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dll
MOD - [2013.02.14 01:43:15 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll
MOD - [2013.02.14 01:39:46 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
MOD - [2013.02.14 01:38:53 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013.02.14 01:35:26 | 005,457,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\edec0bc06ef52e1842953fd90020e190\System.Xml.ni.dll
MOD - [2013.02.14 01:35:07 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2013.01.14 13:40:56 | 005,385,048 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\mikogo-host.exe
MOD - [2012.11.30 04:07:48 | 000,100,248 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2012.11.30 04:06:58 | 001,263,512 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.20 13:37:54 | 000,206,336 | ---- | M] () -- C:\Programme\PC Beschleunigen\PCSUService.exe
MOD - [2010.11.08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
MOD - [2010.11.04 12:21:28 | 000,635,904 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MFL_U_VC9.DLL
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.09.05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\PlayRIpl.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Services (SafeList) ==========

SRV - [2013.05.22 21:10:46 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.15 08:02:29 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.07 13:37:26 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\PROGRAM FILES\Programme\java\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.03.30 10:47:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.30 10:46:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013.02.05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013.01.14 13:13:40 | 001,008,984 | ---- | M] () [Auto | Stopped] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\M4-Service.exe -- (M4-Service)
SRV - [2012.11.29 17:06:10 | 001,723,744 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.10.24 09:53:38 | 002,565,632 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV - [2011.07.20 13:37:54 | 000,206,336 | ---- | M] () [Auto | Running] -- C:\Programme\PC Beschleunigen\PCSUService.exe -- (PCSUService)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.11.04 12:45:14 | 000,186,368 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe -- (MAGIX StartUp Analyze Service)
SRV - [2010.09.06 09:11:32 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.04.28 10:23:08 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.10.19 14:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDNSp50.sys -- (PDNSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDNMp50.sys -- (PDNMp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Running] -- C:\DOKUME~1\julia\LOKALE~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)
DRV - [2013.05.28 20:25:22 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2013.03.30 10:47:10 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.03.30 10:47:10 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.03.30 10:47:10 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.03.02 10:21:32 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.11.16 17:38:46 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.05.10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010.09.16 17:02:33 | 000,035,040 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys -- (TelekomNM3)
DRV - [2010.09.06 09:11:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008.02.14 11:04:06 | 004,676,096 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.01.03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher={Publisher}&dpid={DownloadProvider}&co={CountryTwoLettersISO}&userid={InstallationHashID}&affid={affid}&searchtype=ds&babsrc=lnkry&q={searc hTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=hp&exp=true
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\7.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
IE - HKCU\..\SearchScopes\{1E2ECAF3-66E0-4385-A499-AB68B500433A}: "URL" = hxxp://de.search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=971163&ilc=12&p={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\{F7D9008E-FD82-417F-96C2-7D60B52B9B48}: "URL" = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
IE - HKCU\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = hxxp://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=de&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3 A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com Search"
FF - prefs.js..browser.search.defaultenginename: "Ask.com Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/webhp?hl=de&tab=Xw"
FF - prefs.js..extensions.enabledAddons: save-as-pdf-ff%40pdfcrowd.com:1.5
FF - prefs.js..extensions.enabledAddons: %7B872b5b88-9db5-4310-bdd0-ac189557e5f5%7D:3.18.0.7
FF - prefs.js..extensions.enabledAddons: printPages2Pdf%40reinhold.ripper:0.1.9.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\PROGRAM FILES\Programme\java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Programme\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\opencandy.com/Ignite: C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Ignite\npOCDM.1.1.4.0.dll (OpenCandy, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.02.10 12:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\ff\ [2013.03.01 16:58:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.05.22 21:10:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.28 20:43:46 | 000,000,000 | ---D | M]

[2009.03.02 09:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Extensions
[2013.05.28 21:01:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions
[2013.02.12 08:01:11 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.05.28 12:49:16 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\engine@conduit.com
[2013.03.29 16:25:43 | 000,000,000 | ---D | M] (Print pages to PDF) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\printPages2Pdf@reinhold.ripper
[2012.11.04 19:29:14 | 000,057,194 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\save-as-pdf-ff@pdfcrowd.com.xpi
[2012.12.15 14:39:42 | 000,036,139 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.05.28 21:01:03 | 000,870,680 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.14 13:48:53 | 000,002,306 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\searchplugins\askcomsearch.xml
[2010.06.29 10:18:14 | 000,000,873 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\searchplugins\conduit.xml
[2012.06.27 08:23:57 | 000,015,693 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\searchplugins\Web Search.xml
[2013.05.22 21:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.22 21:10:48 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google

riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParam eter}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U18 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Move Networks\plugins\071803000001\npqmp071803000001.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Programme\Panda Security\ActiveScan 2.0\npwrapper.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programme\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.24169_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2002.12.31 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\PROGRAM FILES\Programme\java\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\7.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\PROGRAM FILES\Programme\java\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\7.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [GEST] m’|\ü File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Mikogo] C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\mikogo-host.exe ()
O4 - HKCU..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\julia\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7D46865-2141-454F-82C8-CD80D9C5D3EE}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - file:///C:/DOKUME~1/julia/LOKALE~1/Temp/msohtml1/01/clip_image001.jpg
O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.28 17:08:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.11.17 19:19:46 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.05.28 20:29:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HitmanPro
[2013.05.24 11:27:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Desktop\Neuer Ordner
[2013.05.23 23:12:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\dm-Fotowelt
[2013.05.23 22:55:51 | 000,000,000 | ---D | C] -- C:\Programme\dm
[2013.05.23 22:51:57 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.05.23 22:51:28 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.05.23 22:51:28 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.05.23 22:51:28 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.05.23 19:57:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Desktop\LONDON
[2013.05.22 21:41:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\PCSpeedUp
[2013.05.22 21:40:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\MAGIX_MxTray
[2013.05.22 21:35:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\OnDemandDump
[2013.05.22 21:35:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\CrashLog
[2013.05.22 21:34:42 | 000,000,000 | ---D | C] -- C:\Programme\MAGIX
[2013.05.22 21:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAGIX
[2013.05.22 21:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2013.05.22 21:10:34 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013.05.07 21:21:08 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[37 C:\Dokumente und Einstellungen\julia\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\julia\Desktop\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.05.29 08:28:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013.05.29 08:23:53 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\defogger_reenable
[2013.05.29 08:02:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.29 07:59:01 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.29 07:58:58 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\PCCT - MAGIX AG.job
[2013.05.29 07:58:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.28 20:50:04 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.28 20:43:47 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.05.28 20:25:22 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2013.05.28 20:25:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.24 14:20:22 | 000,001,885 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2013.05.24 14:20:22 | 000,001,814 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Desktop\Avira DE-Cleaner.lnk
[2013.05.24 11:20:27 | 000,002,495 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Desktop\Microsoft Word.lnk
[2013.05.23 23:12:20 | 000,000,766 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CEWE FOTOSCHAU.lnk
[2013.05.23 23:12:20 | 000,000,751 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\dm-Fotowelt.lnk
[2013.05.23 10:14:26 | 000,000,432 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2013.05.23 08:09:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.05.22 21:35:06 | 000,000,782 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2013.05.17 14:17:17 | 001,610,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.16 21:34:16 | 000,535,028 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.05.16 21:34:16 | 000,508,616 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.16 21:34:16 | 000,108,786 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.05.16 21:34:16 | 000,090,202 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.16 21:28:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.05.15 08:02:29 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.05.15 08:02:29 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.05.07 21:21:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2013.05.07 21:21:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013.05.07 06:27:17 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[37 C:\Dokumente und Einstellungen\julia\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\julia\Desktop\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.05.29 08:23:53 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\defogger_reenable
[2013.05.28 20:43:47 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.05.28 20:43:46 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2013.05.24 14:20:22 | 000,001,885 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2013.05.24 14:20:22 | 000,001,814 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\Desktop\Avira DE-Cleaner.lnk
[2013.05.23 23:12:20 | 000,000,766 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CEWE FOTOSCHAU.lnk
[2013.05.23 23:12:20 | 000,000,751 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\dm-Fotowelt.lnk
[2013.05.22 21:35:10 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\PCCT - MAGIX AG.job
[2013.05.22 21:35:06 | 000,000,782 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2013.05.07 21:21:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2013.05.07 21:21:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.12.01 11:45:39 | 000,010,455 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\JuliHe_elster_2048.pfx
[2012.10.20 19:08:28 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll
[2012.02.15 20:39:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.31 18:15:42 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.01.31 18:15:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.01.31 18:15:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.01.31 18:15:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012.01.02 13:40:40 | 000,043,684 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.10.03 18:33:15 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.08.21 22:37:19 | 001,376,818 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1229272821-1979792683-839522115-1003-0.dat
[2011.08.21 22:37:18 | 000,344,410 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.08.21 10:21:22 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.08.21 10:21:22 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.04.11 19:02:43 | 000,004,343 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\default.pls
[2009.05.13 12:44:27 | 000,026,624 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2012.05.26 09:34:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

OTL Extras logfile created on: 29.05.2013 08:25:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\julia\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,59% Memory free
3,84 Gb Paging File | 2,92 Gb Available in Paging File | 76,09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 53,19 Gb Free Space | 22,84% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 149,04 Gb Total Space | 38,26 Gb Free Space | 25,67% Space Free | Partition Type: NTFS
Drive F: | 1,95 Gb Total Space | 0,78 Gb Free Space | 39,80% Space Free | Partition Type: FAT

Computer Name: JULE | User Name: julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Programme\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [dm-Fotowelt] -- "C:\Programme\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet

isabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet

isabled:@xpsp2res.dll,-22008
"16040:UDP" = 16040:UDP:*:Enabled:UDP 16040
"15271:TCP" = 15271:TCP:*:Enabled:TCP 15271

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*

isabled:Kodak Software Updater
"C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled

ropbox -- (Dropbox, Inc.)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\DVD-Start.exe" = D:\DVD-Start.exe:*:Enabled:Schnellstart-DVD

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{008F9A3A-24A0-408B-AD7F-95C414219A00}" = Adobe Setup
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{3055CB72-68BC-4D81-9561-5F33AEC1EC12}" = MAGIX PC Check & Tuning Free 2011
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37BA50EE-C851-4394-93DD-A0A611891031}" = Nero 7 Essentials
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager
"{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D826618-59C6-11D4-976E-00C04F8EEB39}" = Macromedia FreeHand 10
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup
"{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}" = LibreOffice 4.0.1.2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{930B2432-43D4-11D5-9871-00C04F8EEB39}" = Macromedia Fireworks MX
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AE585DDE-7230-4B57-926B-428C94AA5850}" = Adobe Setup
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B63DFA23-5C10-44B4-881D-45EFBF4A4761}" = MAGIX Screenshare
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BE7785D6-045F-44FB-A1E4-3FA555874415}" = pdfforge Toolbar v7.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{EA2D9BC0-75E9-4975-9A0A-DD82198DDC53}" = MSXML 6.0 Parser
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C9C7F7-0D56-40B2-A276-152762D39BCA}" = Adobe Setup
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"7-PDF Split & Merge_is1" = 7-PDF Split & Merge Version 2.0.3 (Build 264)
"7-PDF Website Converter_is1" = 7-PDF Website Converter Version 1.0.6 (Build 164)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adobe_2225677e524ae91efb80c700be972bf" = Adobe Flash CS3
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Adobe_5d83aea83f5009a0d267d337e3f55fe" = Adobe After Effects CS3
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Adobe_8fbf74eb27c84640370f87306e8981b" = Adobe InDesign CS3
"AnswerWorks" = AnswerWorks Runtime
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon iP4300 Benutzerregistrierung" = Canon iP4300 Benutzerregistrierung
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"dm-Fotowelt" = dm-Fotowelt
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"Easy-WebPrint" = Easy-WebPrint
"ElsterFormular" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"MAGIX_MSI_PC_Check_Tuning_Free_2011" = MAGIX PC Check & Tuning Free 2011
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Netzmanager" = Netzmanager
"PCSU-SL_is1" = PC Beschleunigen - Vollständige Deinstallation
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.2
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"4115349905.www.pcspeedup.com" = PCSpeedUp Application
"Dropbox" = Dropbox
"Ignite" = Ignite
"Mikogo 4" = Mikogo 4

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 24.05.2013 06:06:11 | Computer Name = JULE | Source = Adobe Version Cue CS3 | ID = 3
Description =

[ OSession Events ]
Error - 05.05.2009 09:16:00 | Computer Name = JULE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 57 seconds with 0 seconds of active time. This session ended with a crash.

Error - 13.05.2009 06:45:43 | Computer Name = JULE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 230 seconds with 180 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 24.05.2013 08:17:56 | Computer Name = JULE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "M4-Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193

Error - 24.05.2013 08:18:37 | Computer Name = JULE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "M4-Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193

Error - 26.05.2013 14:47:15 | Computer Name = JULE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "M4-Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193

Error - 26.05.2013 14:47:54 | Computer Name = JULE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "M4-Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193

Error - 28.05.2013 14:26:17 | Computer Name = JULE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "M4-Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193

Error - 28.05.2013 14:27:16 | Computer Name = JULE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "M4-Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193

Error - 28.05.2013 14:50:46 | Computer Name = JULE | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort2 hat innerhalb der Fehlerwartezeit nicht
geantwortet.

Error - 28.05.2013 14:51:50 | Computer Name = JULE | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort2 hat innerhalb der Fehlerwartezeit nicht
geantwortet.

Error - 29.05.2013 01:59:48 | Computer Name = JULE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "M4-Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193

Error - 29.05.2013 02:01:05 | Computer Name = JULE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "M4-Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193

< End of report >

schrauber · 29.05.2013, 09:13

Hi,

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Combofix wird überprüfen, ob die Microsoft Windows Wiederherstellungskonsole installiert ist.
Ist diese nicht installiert, erlaube Combofix diese herunter zu laden und zu installieren. Folge dazu einfach den Anweisungen und aktzeptiere die End Nutzer Lizenz.
Bei heutiger Malware ist dies sehr empfehlenswert, da diese uns eine Möglichkeit bietet, dein System zu reparieren, falls was schief geht.
Bestätige die Information, dass die Wiederherstellungskonsole installiert wurde mit Ja.

Hinweis: Ist diese bereits installiert, wird Combofix mit der Malwareentfernung fortfahren.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

julihe · 29.05.2013, 15:29

Hallo Schrauber;

vielen Dank für deine Antwort (und sorry, dass ich die Logfiles komplett in meine Nachricht kopiert habe, da gibt es offenbar auch noch elegenatere Alternativen...)!

Ich habe mir Combofix heruntergeladen und es lief auch (mehrmals) komplett durch, aber irgendwann wird das System dann plötzlich neu gestartet und die Logfiles sind nirgends ersichtlich. Das ist bestimmt eine doofe Frage, aber: Wie komme ich an die Logfiles, wenn sie mir nicht angezeigt werden?

Gruß,
Julia

schrauber · 29.05.2013, 19:05

Schau mal unter C:\Combofix.txt oder ob es einen Ordner gibt C:\Qoobox.

julihe · 29.05.2013, 21:01

Nein, leider gibt es c:/Combifix.txt nicht. Es gibt jetzt unter C: das Symbol eines Laufwerks mit dem Namen Combofix, aber wenn ich darauf klicke, erhalte ich die Ansicht, wie wenn ich auf dem Arbeitsplatz bin (Laufwerke zur Auswahl und eigene Dateien). Die Suche hat leider auch nichts ergeben.

Den Ordner C:/Qoobox gibt es allerdings. Mit den Ordnern: Qurantine, Backend, Test, TestC und Lastrun. Welche Datei ist da darin von Interesse?

Grüße, Julia

schrauber · 29.05.2013, 21:31

Hossa Julia

dann bitte wie folgt:

Combofix löschen, neu laden, umbenennen in NoMbr.exe und laufen lassen.

julihe · 30.05.2013, 17:15

Hallo Schrauber,

das hat besser geklappt!

Nun habe ich einen Ordner NoMbr.exe mit so einigen Daten... Und nun?

Viele Grüße
Julia

PS: Mein Computer hat so einige Probleme nach den Suchläufen gehabt - es gab irgendeinen "schwerwiegenden" Fehler bei Windows und mein Desktop sah nach den Suchläufen irgendwie auch immer ganz merkwürdig aus (der musste dann jedes Mal erst wiederhergestellt werden). Das ist doch auch nicht ganz normal, oder?

schrauber · 30.05.2013, 17:21

Nee. Schau mal ob du jetzt C:\Combofix.txt findest.

julihe · 31.05.2013, 15:12

hmmm..., also das einzige Combofix-Textdokument, das ich hier finde, hat nicht so wirklich viel Inhalt:

ComboFix 13-05-30.02 - julia 30.05.2013 19:51:12.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2037.813 [GMT 2:00]
ausgeführt von:: C:\Dokumente und Einstellungen\julia\Eigene Dateien\Downloads\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

Aber insgesamt ist es doch komisch, dass mein PC sich immer herunterfährt, sobald das Programm durchgelaufen ist und immer einen Systemfehler anzeigt, oder?

Viele Grüße
Julia

schrauber · 31.05.2013, 15:45

Downloade dir bitte Rogue Killer von hier.

Speichere das Tool auf deinem Desktop !
Schließe alle laufenden Programme.
Starte die RogueKiller.exe
Warte bis Prescan abgeschlossen erscheint und klicke dann auf Scannen.
Wenn der Scan beendet wurde, klicke auf Bericht und poste diesen hier.
Du findest die Logdatei RKreport[1].txt auch auf deinem Desktop.

Nach dem Suchlauf auch auf Löschen klicken, Logfile posten.

julihe · 31.05.2013, 16:36

Hi Schrauber,

das hier ist der Bericht:

RogueKiller V8.5.4 [Mar 18 2013] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : RogueKiller - Geeks to Go Forums
Webseite : Download RogueKiller (Official website)
Blog : tigzy-RK

Betriebssystem : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Gestartet in : Normaler Modus
Benutzer : julia [Admin Rechte]
Funktion : Scannen -- Datum : 05/31/2013 17:32:57
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 1 ¤¤¤
[SUSP PATH] mikogo-host.exe -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\mikogo-host.exe [7] -> GELÖSCHT [TermProc]

¤¤¤ Registry-Einträge : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Mikogo ("C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\mikogo-host.exe" -asp) [7] -> GEFUNDEN
[RUN][SUSP PATH] HKUS\S-1-5-21-1229272821-1979792683-839522115-1003[...]\Run : Mikogo ("C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\mikogo-host.exe" -asp) [7] -> GEFUNDEN
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [GELADEN] ¤¤¤
SSDT[25] : NtClose @ 0x805BC538 -> HOOKED (Unknown @ 0xBA6C7A4C)
SSDT[41] : NtCreateKey @ 0x8062423A -> HOOKED (Unknown @ 0xBA6C7A06)
SSDT[50] : NtCreateSection @ 0x805AB3D0 -> HOOKED (Unknown @ 0xBA6C7A56)
SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0xBA6C79FC)
SSDT[63] : NtDeleteKey @ 0x806246D6 -> HOOKED (Unknown @ 0xBA6C7A0B)
SSDT[65] : NtDeleteValueKey @ 0x806248A6 -> HOOKED (Unknown @ 0xBA6C7A15)
SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0xBA6C7A47)
SSDT[98] : NtLoadKey @ 0x8062645E -> HOOKED (Unknown @ 0xBA6C7A1A)
SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0xBA6C79E8)
SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0xBA6C79ED)
SSDT[177] : NtQueryValueKey @ 0x8062245E -> HOOKED (Unknown @ 0xBA6C7A6F)
SSDT[193] : NtReplaceKey @ 0x8062630E -> HOOKED (Unknown @ 0xBA6C7A24)
SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D7E -> HOOKED (Unknown @ 0xBA6C7A60)
SSDT[204] : NtRestoreKey @ 0x80625C1A -> HOOKED (Unknown @ 0xBA6C7A1F)
SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0xBA6C7A5B)
SSDT[237] : NtSetSecurityObject @ 0x805C0636 -> HOOKED (Unknown @ 0xBA6C7A65)
SSDT[247] : NtSetValueKey @ 0x806227AC -> HOOKED (Unknown @ 0xBA6C7A10)
SSDT[255] : NtSystemDebugControl @ 0x8061820E -> HOOKED (Unknown @ 0xBA6C7A6A)
SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0xBA6C79F7)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xBA6C7A7E)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xBA6C7A83)

¤¤¤ Externe Hives: ¤¤¤
-> E:\windows\system32\config\SOFTWARE
-> E:\windows\system32\config\SYSTEM

¤¤¤ Hosts-Datei: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: ST3160021A +++++
--- User ---
[MBR] 4f211e0514e8fd25b05cd21b049262bf
[BSP] a09e5c4f6eb6dfeba654903a44181902 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: MAXTOR STM3250310AS +++++
--- User ---
[MBR] a531a982b247835d11e291723a104e8e
[BSP] 0162753fc4ab5892a7c476ba2e6574fc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: PI-239 USB 2.0 Drive USB Device +++++
--- User ---
[MBR] 222a6a7551e807cb5b3d7613ca0611e9
[BSP] b0cba4afb3c453906be4ea7d16ac94d8 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 2048 | Size: 476936 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Abgeschlossen : << RKreport[1]_S_05312013_02d1732.txt >>
RKreport[1]_S_05312013_02d1732.txt

schrauber · 31.05.2013, 18:32

Hi,

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

julihe · 31.05.2013, 19:22

...hier das 20km-lange Ergebnis (sorry, ich habe noch immer nicht verstanden, wie man Logfile ordentlich formatiert...):

20:11:12.0562 3132 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:11:12.0906 3132 ============================================================
20:11:12.0906 3132 Current date / time: 2013/05/31 20:11:12.0906
20:11:12.0906 3132 SystemInfo:
20:11:12.0906 3132
20:11:12.0906 3132 OS Version: 5.1.2600 ServicePack: 3.0
20:11:12.0906 3132 Product type: Workstation
20:11:12.0906 3132 ComputerName: JULE
20:11:12.0906 3132 UserName: julia
20:11:12.0906 3132 Windows directory: C:\WINDOWS
20:11:12.0906 3132 System windows directory: C:\WINDOWS
20:11:12.0906 3132 Processor architecture: Intel x86
20:11:12.0906 3132 Number of processors: 2
20:11:12.0906 3132 Page size: 0x1000
20:11:12.0906 3132 Boot type: Normal boot
20:11:12.0906 3132 ============================================================
20:11:14.0359 3132 Drive \Device\Harddisk0\DR0 - Size: 0x25432CDE00 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:11:14.0359 3132 Drive \Device\Harddisk1\DR1 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:11:14.0359 3132 Drive \Device\Harddisk2\DR4 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:11:16.0140 3132 ============================================================
20:11:16.0140 3132 \Device\Harddisk0\DR0:
20:11:16.0140 3132 MBR partitions:
20:11:16.0140 3132 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
20:11:16.0140 3132 \Device\Harddisk1\DR1:
20:11:16.0171 3132 MBR partitions:
20:11:16.0171 3132 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
20:11:16.0171 3132 \Device\Harddisk2\DR4:
20:11:16.0171 3132 MBR partitions:
20:11:16.0171 3132 \Device\Harddisk2\DR4\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x3A384441
20:11:16.0171 3132 ============================================================
20:11:16.0203 3132 C: <-> \Device\Harddisk1\DR1\Partition1
20:11:16.0218 3132 E: <-> \Device\Harddisk0\DR0\Partition1
20:11:16.0234 3132 F: <-> \Device\Harddisk2\DR4\Partition1
20:11:16.0234 3132 ============================================================
20:11:16.0234 3132 Initialize success
20:11:16.0234 3132 ============================================================
20:11:28.0609 3824 ============================================================
20:11:28.0609 3824 Scan started
20:11:28.0609 3824 Mode: Manual;
20:11:28.0609 3824 ============================================================
20:11:29.0515 3824 ================ Scan system memory ========================
20:11:29.0515 3824 System memory - ok
20:11:29.0515 3824 ================ Scan services =============================
20:11:29.0593 3824 Abiosdsk - ok
20:11:29.0593 3824 abp480n5 - ok
20:11:29.0656 3824 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:11:29.0656 3824 ACPI - ok
20:11:29.0718 3824 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:11:29.0718 3824 ACPIEC - ok
20:11:29.0828 3824 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:11:29.0828 3824 AdobeFlashPlayerUpdateSvc - ok
20:11:29.0828 3824 adpu160m - ok
20:11:29.0890 3824 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:11:29.0890 3824 aec - ok
20:11:29.0937 3824 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:11:29.0937 3824 AFD - ok
20:11:29.0953 3824 Aha154x - ok
20:11:29.0953 3824 aic78u2 - ok
20:11:29.0953 3824 aic78xx - ok
20:11:30.0015 3824 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:11:30.0015 3824 Alerter - ok
20:11:30.0031 3824 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
20:11:30.0046 3824 ALG - ok
20:11:30.0046 3824 AliIde - ok
20:11:30.0046 3824 amsint - ok
20:11:30.0203 3824 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
20:11:30.0250 3824 AntiVirSchedulerService - ok
20:11:30.0281 3824 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:11:30.0281 3824 AntiVirService - ok
20:11:30.0296 3824 [ 9EDAE2D1CA368E8D01BEE8BFBC9488E4 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:11:30.0296 3824 AntiVirWebService - ok
20:11:30.0468 3824 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:11:30.0468 3824 Apple Mobile Device - ok
20:11:30.0546 3824 [ 5234837DFEC4092E235594B25CF02865 ] Application Updater C:\Programme\Application Updater\ApplicationUpdater.exe
20:11:30.0546 3824 Application Updater - ok
20:11:30.0593 3824 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:11:30.0593 3824 AppMgmt - ok
20:11:30.0593 3824 asc - ok
20:11:30.0609 3824 asc3350p - ok
20:11:30.0609 3824 asc3550 - ok
20:11:30.0687 3824 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:11:30.0734 3824 aspnet_state - ok
20:11:30.0781 3824 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:11:30.0781 3824 AsyncMac - ok
20:11:30.0796 3824 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:11:30.0796 3824 atapi - ok
20:11:30.0796 3824 Atdisk - ok
20:11:30.0828 3824 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:11:30.0828 3824 Atmarpc - ok
20:11:30.0875 3824 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:11:30.0875 3824 AudioSrv - ok
20:11:30.0921 3824 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:11:30.0921 3824 audstub - ok
20:11:30.0937 3824 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:11:30.0937 3824 avgntflt - ok
20:11:30.0984 3824 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:11:30.0984 3824 avipbb - ok
20:11:31.0000 3824 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:11:31.0000 3824 avkmgr - ok
20:11:31.0062 3824 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:11:31.0062 3824 Beep - ok
20:11:31.0125 3824 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
20:11:31.0203 3824 BITS - ok
20:11:31.0312 3824 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
20:11:31.0312 3824 Bonjour Service - ok
20:11:31.0359 3824 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
20:11:31.0375 3824 Browser - ok
20:11:31.0421 3824 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
20:11:31.0421 3824 BrScnUsb - ok
20:11:31.0468 3824 [ 1A5FC78E41840EDF79D65EC16EFF2787 ] BrSerIf C:\WINDOWS\system32\Drivers\BrSerIf.sys
20:11:31.0468 3824 BrSerIf - ok
20:11:31.0468 3824 [ A24C7B39602218F8DBDB2B6704325FC7 ] BrUsbSer C:\WINDOWS\system32\Drivers\BrUsbSer.sys
20:11:31.0468 3824 BrUsbSer - ok
20:11:31.0468 3824 C-Dilla - ok
20:11:31.0625 3824 catchme - ok
20:11:31.0671 3824 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:11:31.0671 3824 cbidf2k - ok
20:11:31.0687 3824 cd20xrnt - ok
20:11:31.0734 3824 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:11:31.0734 3824 Cdaudio - ok
20:11:31.0750 3824 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:11:31.0750 3824 Cdfs - ok
20:11:31.0796 3824 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:11:31.0796 3824 Cdrom - ok
20:11:31.0796 3824 Changer - ok
20:11:31.0859 3824 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:11:31.0859 3824 CiSvc - ok
20:11:31.0875 3824 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:11:31.0875 3824 ClipSrv - ok
20:11:31.0953 3824 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:11:32.0000 3824 clr_optimization_v2.0.50727_32 - ok
20:11:32.0031 3824 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:11:32.0156 3824 clr_optimization_v4.0.30319_32 - ok
20:11:32.0156 3824 CmdIde - ok
20:11:32.0171 3824 COMSysApp - ok
20:11:32.0171 3824 Cpqarray - ok
20:11:32.0187 3824 cpuz132 - ok
20:11:32.0218 3824 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:11:32.0218 3824 CryptSvc - ok
20:11:32.0234 3824 dac2w2k - ok
20:11:32.0234 3824 dac960nt - ok
20:11:32.0296 3824 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:11:32.0312 3824 DcomLaunch - ok
20:11:32.0328 3824 dgderdrv - ok
20:11:32.0359 3824 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:11:32.0359 3824 Dhcp - ok
20:11:32.0375 3824 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:11:32.0375 3824 Disk - ok
20:11:32.0390 3824 dmadmin - ok
20:11:32.0421 3824 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:11:32.0421 3824 dmboot - ok
20:11:32.0437 3824 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:11:32.0437 3824 dmio - ok
20:11:32.0453 3824 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:11:32.0453 3824 dmload - ok
20:11:32.0500 3824 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:11:32.0500 3824 dmserver - ok
20:11:32.0515 3824 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:11:32.0515 3824 DMusic - ok
20:11:32.0562 3824 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:11:32.0562 3824 Dnscache - ok
20:11:32.0609 3824 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
20:11:32.0609 3824 Dot3svc - ok
20:11:32.0609 3824 dpti2o - ok
20:11:32.0640 3824 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:11:32.0640 3824 drmkaud - ok
20:11:32.0671 3824 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:11:32.0671 3824 EapHost - ok
20:11:32.0671 3824 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:11:32.0671 3824 ERSvc - ok
20:11:32.0718 3824 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
20:11:32.0718 3824 Eventlog - ok
20:11:32.0781 3824 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
20:11:32.0781 3824 EventSystem - ok
20:11:32.0796 3824 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:11:32.0796 3824 Fastfat - ok
20:11:32.0859 3824 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:11:32.0859 3824 FastUserSwitchingCompatibility - ok
20:11:32.0906 3824 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
20:11:32.0906 3824 Fdc - ok
20:11:32.0921 3824 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:11:32.0921 3824 Fips - ok
20:11:32.0984 3824 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:11:32.0984 3824 FLEXnet Licensing Service - ok
20:11:32.0984 3824 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
20:11:32.0984 3824 Flpydisk - ok
20:11:33.0031 3824 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:11:33.0031 3824 FltMgr - ok
20:11:33.0125 3824 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:11:33.0125 3824 FontCache3.0.0.0 - ok
20:11:33.0156 3824 [ B07663A810E861EEBFD0EAC7E82CA62D ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
20:11:33.0156 3824 FsUsbExDisk - ok
20:11:33.0203 3824 [ F96C429788350DB4BA6771C3034DFD88 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
20:11:33.0203 3824 FsUsbExService - ok
20:11:33.0218 3824 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:11:33.0218 3824 Fs_Rec - ok
20:11:33.0234 3824 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:11:33.0234 3824 Ftdisk - ok
20:11:33.0296 3824 [ 5C230948DD6652228F88CA7AE6CB276C ] gdrv C:\WINDOWS\gdrv.sys
20:11:33.0296 3824 gdrv - ok
20:11:33.0328 3824 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:11:33.0328 3824 GEARAspiWDM - ok
20:11:33.0375 3824 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:11:33.0375 3824 Gpc - ok
20:11:33.0500 3824 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca9901ce7e34b8 C:\Programme\Google\Update\GoogleUpdate.exe
20:11:33.0500 3824 gupdate1ca9901ce7e34b8 - ok
20:11:33.0500 3824 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
20:11:33.0500 3824 gupdatem - ok
20:11:33.0515 3824 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:11:33.0515 3824 HDAudBus - ok
20:11:33.0609 3824 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:11:33.0609 3824 helpsvc - ok
20:11:33.0640 3824 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
20:11:33.0640 3824 HidServ - ok
20:11:33.0656 3824 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:11:33.0656 3824 hidusb - ok
20:11:33.0703 3824 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:11:33.0703 3824 hkmsvc - ok
20:11:33.0703 3824 hpn - ok
20:11:33.0750 3824 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:11:33.0750 3824 HTTP - ok
20:11:33.0781 3824 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:11:33.0781 3824 HTTPFilter - ok
20:11:33.0796 3824 i2omgmt - ok
20:11:33.0796 3824 i2omp - ok
20:11:33.0828 3824 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:11:33.0828 3824 i8042prt - ok
20:11:34.0015 3824 [ BFFA387180121DF1E4646C4CED3E16CA ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
20:11:34.0046 3824 ialm - ok
20:11:34.0140 3824 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:11:34.0171 3824 idsvc - ok
20:11:34.0187 3824 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:11:34.0187 3824 Imapi - ok
20:11:34.0234 3824 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
20:11:34.0234 3824 ImapiService - ok
20:11:34.0234 3824 ini910u - ok
20:11:34.0406 3824 [ 08BAF30F6DE95814F58AF9CE7BBC5614 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:11:34.0437 3824 IntcAzAudAddService - ok
20:11:34.0437 3824 IntelIde - ok
20:11:34.0500 3824 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:11:34.0500 3824 intelppm - ok
20:11:34.0515 3824 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
20:11:34.0531 3824 Ip6Fw - ok
20:11:34.0546 3824 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:11:34.0546 3824 IpFilterDriver - ok
20:11:34.0562 3824 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:11:34.0562 3824 IpInIp - ok
20:11:34.0593 3824 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:11:34.0593 3824 IpNat - ok
20:11:34.0671 3824 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Programme\iPod\bin\iPodService.exe
20:11:34.0671 3824 iPod Service - ok
20:11:34.0718 3824 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:11:34.0718 3824 IPSec - ok
20:11:34.0750 3824 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:11:34.0750 3824 IRENUM - ok
20:11:34.0781 3824 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:11:34.0781 3824 isapnp - ok
20:11:34.0937 3824 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\PROGRAM FILES\Programme\java\bin\jqs.exe
20:11:34.0937 3824 JavaQuickStarterService - ok
20:11:34.0953 3824 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:11:34.0953 3824 Kbdclass - ok
20:11:34.0968 3824 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:11:34.0968 3824 kbdhid - ok
20:11:34.0984 3824 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:11:34.0984 3824 kmixer - ok
20:11:35.0031 3824 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:11:35.0031 3824 KSecDD - ok
20:11:35.0062 3824 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:11:35.0062 3824 lanmanserver - ok
20:11:35.0125 3824 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:11:35.0140 3824 lanmanworkstation - ok
20:11:35.0140 3824 lbrtfdc - ok
20:11:35.0218 3824 [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
20:11:35.0218 3824 LightScribeService - ok
20:11:35.0265 3824 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:11:35.0265 3824 LmHosts - ok
20:11:35.0406 3824 [ 6BA4B7D9FB5B73FE3ADA1319EADA2210 ] M4-Service C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\M4-Service.exe
20:11:35.0406 3824 M4-Service - ok
20:11:35.0500 3824 [ 8665FA986641C854B1A05AD09CEF7372 ] MAGIX StartUp Analyze Service C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe
20:11:35.0500 3824 MAGIX StartUp Analyze Service - ok
20:11:35.0500 3824 massfilter - ok
20:11:35.0515 3824 massfilter_hs - ok
20:11:35.0546 3824 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
20:11:35.0546 3824 MBAMProtector - ok
20:11:35.0593 3824 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:11:35.0593 3824 MBAMScheduler - ok
20:11:35.0625 3824 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
20:11:35.0625 3824 MBAMService - ok
20:11:35.0734 3824 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe
20:11:35.0734 3824 McComponentHostService - ok
20:11:35.0765 3824 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:11:35.0765 3824 Messenger - ok
20:11:35.0843 3824 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
20:11:35.0843 3824 Microsoft Office Groove Audit Service - ok
20:11:35.0890 3824 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:11:35.0890 3824 mnmdd - ok
20:11:35.0921 3824 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:11:35.0921 3824 mnmsrvc - ok
20:11:35.0937 3824 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:11:35.0937 3824 Modem - ok
20:11:35.0968 3824 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:11:35.0968 3824 Mouclass - ok
20:11:36.0031 3824 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:11:36.0031 3824 mouhid - ok
20:11:36.0031 3824 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:11:36.0031 3824 MountMgr - ok
20:11:36.0125 3824 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
20:11:36.0125 3824 MozillaMaintenance - ok
20:11:36.0125 3824 mraid35x - ok
20:11:36.0140 3824 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:11:36.0140 3824 MRxDAV - ok
20:11:36.0187 3824 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:11:36.0187 3824 MRxSmb - ok
20:11:36.0234 3824 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:11:36.0234 3824 MSDTC - ok
20:11:36.0234 3824 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:11:36.0234 3824 Msfs - ok
20:11:36.0250 3824 MSIServer - ok
20:11:36.0265 3824 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:11:36.0265 3824 MSKSSRV - ok
20:11:36.0281 3824 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:11:36.0281 3824 MSPCLOCK - ok
20:11:36.0312 3824 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:11:36.0312 3824 MSPQM - ok
20:11:36.0343 3824 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:11:36.0343 3824 mssmbios - ok
20:11:36.0375 3824 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:11:36.0375 3824 Mup - ok
20:11:36.0406 3824 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
20:11:36.0421 3824 napagent - ok
20:11:36.0562 3824 [ 87A00FAEDD703D8D2BDCB29CE5EEEA6B ] NBService C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
20:11:36.0562 3824 NBService - ok
20:11:36.0609 3824 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:11:36.0609 3824 NDIS - ok
20:11:36.0656 3824 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:11:36.0656 3824 NdisTapi - ok
20:11:36.0703 3824 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:11:36.0703 3824 Ndisuio - ok
20:11:36.0703 3824 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:11:36.0703 3824 NdisWan - ok
20:11:36.0750 3824 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:11:36.0750 3824 NDProxy - ok
20:11:36.0796 3824 [ 1352E1648213551923A0A822E441553C ] Netaapl C:\WINDOWS\system32\DRIVERS\netaapl.sys
20:11:36.0796 3824 Netaapl - ok
20:11:36.0828 3824 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:11:36.0828 3824 NetBIOS - ok
20:11:36.0843 3824 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:11:36.0843 3824 NetBT - ok
20:11:36.0906 3824 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
20:11:36.0906 3824 NetDDE - ok
20:11:36.0906 3824 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:11:36.0906 3824 NetDDEdsdm - ok
20:11:36.0953 3824 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:11:36.0953 3824 Netlogon - ok
20:11:36.0968 3824 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
20:11:36.0968 3824 Netman - ok
20:11:37.0031 3824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:11:37.0078 3824 NetTcpPortSharing - ok
20:11:37.0234 3824 [ 70B5B4E69A07895DF30291CAB6ABDA54 ] Netzmanager Service C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
20:11:37.0250 3824 Netzmanager Service - ok
20:11:37.0296 3824 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
20:11:37.0296 3824 Nla - ok
20:11:37.0312 3824 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:11:37.0312 3824 Npfs - ok
20:11:37.0375 3824 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:11:37.0375 3824 Ntfs - ok
20:11:37.0421 3824 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:11:37.0421 3824 NtLmSsp - ok
20:11:37.0468 3824 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:11:37.0468 3824 NtmsSvc - ok
20:11:37.0515 3824 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:11:37.0515 3824 Null - ok
20:11:37.0546 3824 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:11:37.0546 3824 NwlnkFlt - ok
20:11:37.0562 3824 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:11:37.0562 3824 NwlnkFwd - ok
20:11:37.0687 3824 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
20:11:37.0687 3824 odserv - ok
20:11:37.0703 3824 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
20:11:37.0718 3824 ose - ok
20:11:37.0750 3824 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:11:37.0750 3824 Parport - ok
20:11:37.0812 3824 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:11:37.0812 3824 PartMgr - ok
20:11:37.0875 3824 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:11:37.0875 3824 ParVdm - ok
20:11:37.0875 3824 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:11:37.0875 3824 PCI - ok
20:11:37.0875 3824 PCIDump - ok
20:11:37.0921 3824 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:11:37.0921 3824 PCIIde - ok
20:11:37.0968 3824 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:11:37.0968 3824 Pcmcia - ok
20:11:38.0062 3824 [ 7EB95AA73D657A2DA9D8CFC336F4F48F ] PCSUService C:\Programme\PC Beschleunigen\PCSUService.exe
20:11:38.0062 3824 PCSUService - ok
20:11:38.0062 3824 PDCOMP - ok
20:11:38.0078 3824 PDFRAME - ok
20:11:38.0078 3824 PDNMp50 - ok
20:11:38.0078 3824 PDNSp50 - ok
20:11:38.0078 3824 PDRELI - ok
20:11:38.0093 3824 PDRFRAME - ok
20:11:38.0093 3824 perc2 - ok
20:11:38.0093 3824 perc2hib - ok
20:11:38.0343 3824 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
20:11:38.0453 3824 PEVSystemStart - ok
20:11:38.0484 3824 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
20:11:38.0500 3824 PlugPlay - ok
20:11:38.0500 3824 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:11:38.0500 3824 PolicyAgent - ok
20:11:38.0546 3824 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:11:38.0546 3824 PptpMiniport - ok
20:11:38.0562 3824 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:11:38.0562 3824 ProtectedStorage - ok
20:11:38.0562 3824 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:11:38.0562 3824 PSched - ok
20:11:38.0593 3824 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:11:38.0593 3824 Ptilink - ok
20:11:38.0640 3824 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:11:38.0640 3824 PxHelp20 - ok
20:11:38.0640 3824 ql1080 - ok
20:11:38.0640 3824 Ql10wnt - ok
20:11:38.0656 3824 ql12160 - ok
20:11:38.0656 3824 ql1240 - ok
20:11:38.0656 3824 ql1280 - ok
20:11:38.0703 3824 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:11:38.0703 3824 RasAcd - ok
20:11:38.0734 3824 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:11:38.0734 3824 RasAuto - ok
20:11:38.0734 3824 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:11:38.0734 3824 Rasl2tp - ok
20:11:38.0781 3824 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:11:38.0796 3824 RasMan - ok
20:11:38.0796 3824 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:11:38.0796 3824 RasPppoe - ok
20:11:38.0796 3824 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:11:38.0796 3824 Raspti - ok
20:11:38.0843 3824 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:11:38.0843 3824 Rdbss - ok
20:11:38.0859 3824 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:11:38.0859 3824 RDPCDD - ok
20:11:38.0859 3824 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:11:38.0859 3824 rdpdr - ok
20:11:38.0921 3824 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:11:38.0921 3824 RDPWD - ok
20:11:38.0937 3824 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:11:38.0937 3824 RDSessMgr - ok
20:11:38.0984 3824 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:11:38.0984 3824 redbook - ok
20:11:39.0031 3824 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:11:39.0031 3824 RemoteAccess - ok
20:11:39.0078 3824 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:11:39.0078 3824 RemoteRegistry - ok
20:11:39.0109 3824 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
20:11:39.0109 3824 ROOTMODEM - ok
20:11:39.0125 3824 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:11:39.0125 3824 RpcLocator - ok
20:11:39.0171 3824 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:11:39.0171 3824 RpcSs - ok
20:11:39.0203 3824 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:11:39.0218 3824 RSVP - ok
20:11:39.0265 3824 [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
20:11:39.0265 3824 RTLE8023xp - ok
20:11:39.0265 3824 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
20:11:39.0265 3824 SamSs - ok
20:11:39.0312 3824 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:11:39.0312 3824 SCardSvr - ok
20:11:39.0359 3824 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:11:39.0359 3824 Schedule - ok
20:11:39.0390 3824 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:11:39.0390 3824 Secdrv - ok
20:11:39.0421 3824 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
20:11:39.0421 3824 seclogon - ok
20:11:39.0421 3824 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
20:11:39.0421 3824 SENS - ok
20:11:39.0437 3824 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:11:39.0437 3824 serenum - ok
20:11:39.0437 3824 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:11:39.0437 3824 Serial - ok
20:11:39.0468 3824 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:11:39.0468 3824 Sfloppy - ok
20:11:39.0531 3824 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:11:39.0531 3824 SharedAccess - ok
20:11:39.0578 3824 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:11:39.0578 3824 ShellHWDetection - ok
20:11:39.0578 3824 Simbad - ok
20:11:39.0593 3824 Sparrow - ok
20:11:39.0625 3824 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:11:39.0625 3824 splitter - ok
20:11:39.0671 3824 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:11:39.0671 3824 Spooler - ok
20:11:39.0687 3824 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:11:39.0687 3824 sr - ok
20:11:39.0703 3824 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
20:11:39.0718 3824 srservice - ok
20:11:39.0765 3824 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:11:39.0781 3824 Srv - ok
20:11:39.0812 3824 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:11:39.0812 3824 SSDPSRV - ok
20:11:39.0875 3824 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:11:39.0875 3824 ssmdrv - ok
20:11:39.0890 3824 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:11:39.0890 3824 stisvc - ok
20:11:39.0937 3824 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:11:39.0937 3824 swenum - ok
20:11:40.0203 3824 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:11:40.0203 3824 swmidi - ok
20:11:40.0203 3824 SwPrv - ok
20:11:40.0218 3824 symc810 - ok
20:11:40.0218 3824 symc8xx - ok
20:11:40.0218 3824 sym_hi - ok
20:11:40.0234 3824 sym_u3 - ok
20:11:40.0250 3824 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:11:40.0250 3824 sysaudio - ok
20:11:40.0281 3824 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:11:40.0281 3824 SysmonLog - ok
20:11:40.0296 3824 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:11:40.0296 3824 TapiSrv - ok
20:11:40.0343 3824 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:11:40.0343 3824 Tcpip - ok
20:11:40.0390 3824 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:11:40.0390 3824 TDPIPE - ok
20:11:40.0390 3824 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:11:40.0390 3824 TDTCP - ok
20:11:40.0437 3824 [ 5D528200679C3B4595B4237E02C077D5 ] TelekomNM3 C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys
20:11:40.0437 3824 TelekomNM3 - ok
20:11:40.0468 3824 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:11:40.0468 3824 TermDD - ok
20:11:40.0515 3824 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
20:11:40.0515 3824 TermService - ok
20:11:40.0546 3824 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:11:40.0562 3824 Themes - ok
20:11:40.0593 3824 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:11:40.0593 3824 TlntSvr - ok
20:11:40.0593 3824 TosIde - ok
20:11:40.0625 3824 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:11:40.0625 3824 TrkWks - ok
20:11:40.0656 3824 [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight C:\WINDOWS\system32\drivers\TrueSight.sys
20:11:40.0656 3824 TrueSight - ok
20:11:40.0781 3824 [ 75E9D9B9E1C268697DA56EFF1A578F68 ] TuneUp.UtilitiesSvc C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
20:11:40.0796 3824 TuneUp.UtilitiesSvc - ok
20:11:40.0828 3824 [ 94C4CD2D19B8C4137A46261F229FEC24 ] TuneUpUtilitiesDrv C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
20:11:40.0828 3824 TuneUpUtilitiesDrv - ok
20:11:40.0843 3824 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:11:40.0843 3824 Udfs - ok
20:11:40.0843 3824 ultra - ok
20:11:40.0890 3824 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:11:40.0890 3824 Update - ok
20:11:40.0937 3824 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:11:40.0937 3824 upnphost - ok
20:11:40.0953 3824 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
20:11:40.0953 3824 UPS - ok
20:11:40.0984 3824 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
20:11:40.0984 3824 USBAAPL - ok
20:11:40.0984 3824 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:11:41.0000 3824 usbccgp - ok
20:11:41.0031 3824 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:11:41.0031 3824 usbehci - ok
20:11:41.0046 3824 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:11:41.0046 3824 usbhub - ok
20:11:41.0078 3824 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:11:41.0078 3824 usbprint - ok
20:11:41.0078 3824 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:11:41.0078 3824 usbscan - ok
20:11:41.0109 3824 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:11:41.0109 3824 USBSTOR - ok
20:11:41.0125 3824 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:11:41.0125 3824 usbuhci - ok
20:11:41.0125 3824 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:11:41.0125 3824 VgaSave - ok
20:11:41.0140 3824 ViaIde - ok
20:11:41.0140 3824 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:11:41.0140 3824 VolSnap - ok
20:11:41.0187 3824 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
20:11:41.0203 3824 VSS - ok
20:11:41.0234 3824 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
20:11:41.0234 3824 W32Time - ok
20:11:41.0281 3824 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:11:41.0281 3824 Wanarp - ok
20:11:41.0328 3824 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
20:11:41.0328 3824 Wdf01000 - ok
20:11:41.0343 3824 WDICA - ok
20:11:41.0375 3824 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:11:41.0375 3824 wdmaud - ok
20:11:41.0390 3824 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:11:41.0390 3824 WebClient - ok
20:11:41.0500 3824 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:11:41.0500 3824 winmgmt - ok
20:11:41.0531 3824 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
20:11:41.0531 3824 WmdmPmSN - ok
20:11:41.0578 3824 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:11:41.0609 3824 Wmi - ok
20:11:41.0625 3824 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:11:41.0625 3824 WmiApSrv - ok
20:11:41.0656 3824 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
20:11:41.0656 3824 WpdUsb - ok
20:11:41.0718 3824 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:11:41.0718 3824 WPFFontCache_v0400 - ok
20:11:41.0765 3824 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:11:41.0765 3824 WS2IFSL - ok
20:11:41.0812 3824 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:11:41.0812 3824 wscsvc - ok
20:11:41.0828 3824 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:11:41.0828 3824 wuauserv - ok
20:11:41.0875 3824 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:11:41.0875 3824 WudfPf - ok
20:11:41.0906 3824 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:11:41.0906 3824 WudfRd - ok
20:11:41.0937 3824 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:11:41.0937 3824 WudfSvc - ok
20:11:42.0000 3824 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:11:42.0000 3824 WZCSVC - ok
20:11:42.0031 3824 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:11:42.0031 3824 xmlprov - ok
20:11:42.0046 3824 ZTEusbmdm6k - ok
20:11:42.0046 3824 ZTEusbnmea - ok
20:11:42.0046 3824 ZTEusbser6k - ok
20:11:42.0062 3824 ================ Scan global ===============================
20:11:42.0093 3824 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
20:11:42.0156 3824 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
20:11:42.0156 3824 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
20:11:42.0203 3824 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
20:11:42.0203 3824 [Global] - ok
20:11:42.0203 3824 ================ Scan MBR ==================================
20:11:42.0218 3824 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
20:11:42.0359 3824 \Device\Harddisk0\DR0 - ok
20:11:42.0390 3824 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
20:11:42.0531 3824 \Device\Harddisk1\DR1 - ok
20:11:42.0546 3824 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR4
20:11:42.0546 3824 \Device\Harddisk2\DR4 - ok
20:11:42.0546 3824 ================ Scan VBR ==================================
20:11:42.0546 3824 [ 1D3234191EDA35F04DA960014B301FBD ] \Device\Harddisk0\DR0\Partition1
20:11:42.0546 3824 \Device\Harddisk0\DR0\Partition1 - ok
20:11:42.0562 3824 [ E31467C0EFC1F16F0F534139FE05475A ] \Device\Harddisk1\DR1\Partition1
20:11:42.0562 3824 \Device\Harddisk1\DR1\Partition1 - ok
20:11:42.0562 3824 [ BDBD4568258C1B2B359F6447A0D610B4 ] \Device\Harddisk2\DR4\Partition1
20:11:42.0562 3824 \Device\Harddisk2\DR4\Partition1 - ok
20:11:42.0562 3824 ============================================================
20:11:42.0562 3824 Scan finished
20:11:42.0562 3824 ============================================================
20:11:42.0578 2780 Detected object count: 0
20:11:42.0578 2780 Actual detected object count: 0
20:12:15.0406 0196 ============================================================
20:12:15.0406 0196 Scan started
20:12:15.0406 0196 Mode: Manual; SigCheck; TDLFS;
20:12:15.0406 0196 ============================================================
20:12:15.0984 0196 ================ Scan system memory ========================
20:12:16.0000 0196 System memory - ok
20:12:16.0000 0196 ================ Scan services =============================
20:12:16.0093 0196 Abiosdsk - ok
20:12:16.0093 0196 abp480n5 - ok
20:12:16.0156 0196 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:12:17.0125 0196 ACPI - ok
20:12:17.0187 0196 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:12:17.0296 0196 ACPIEC - ok
20:12:17.0406 0196 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:12:17.0421 0196 AdobeFlashPlayerUpdateSvc - ok
20:12:17.0421 0196 adpu160m - ok
20:12:17.0437 0196 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:12:17.0546 0196 aec - ok
20:12:17.0578 0196 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:12:17.0625 0196 AFD - ok
20:12:17.0625 0196 Aha154x - ok
20:12:17.0625 0196 aic78u2 - ok
20:12:17.0640 0196 aic78xx - ok
20:12:17.0656 0196 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:12:17.0750 0196 Alerter - ok
20:12:17.0781 0196 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
20:12:17.0890 0196 ALG - ok
20:12:17.0890 0196 AliIde - ok
20:12:17.0890 0196 amsint - ok
20:12:18.0046 0196 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
20:12:18.0046 0196 AntiVirSchedulerService - ok
20:12:18.0109 0196 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:12:18.0125 0196 AntiVirService - ok
20:12:18.0187 0196 [ 9EDAE2D1CA368E8D01BEE8BFBC9488E4 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:12:18.0203 0196 AntiVirWebService - ok
20:12:18.0359 0196 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:12:18.0359 0196 Apple Mobile Device - ok
20:12:18.0437 0196 [ 5234837DFEC4092E235594B25CF02865 ] Application Updater C:\Programme\Application Updater\ApplicationUpdater.exe
20:12:18.0468 0196 Application Updater - ok
20:12:18.0500 0196 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:12:18.0593 0196 AppMgmt - ok
20:12:18.0593 0196 asc - ok
20:12:18.0593 0196 asc3350p - ok
20:12:18.0609 0196 asc3550 - ok
20:12:18.0687 0196 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:12:18.0687 0196 aspnet_state - ok
20:12:18.0718 0196 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:12:18.0828 0196 AsyncMac - ok
20:12:18.0859 0196 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:12:18.0968 0196 atapi - ok
20:12:18.0968 0196 Atdisk - ok
20:12:19.0000 0196 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:12:19.0078 0196 Atmarpc - ok
20:12:19.0125 0196 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:12:19.0218 0196 AudioSrv - ok
20:12:19.0281 0196 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:12:19.0406 0196 audstub - ok
20:12:19.0437 0196 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:12:19.0484 0196 avgntflt - ok
20:12:19.0546 0196 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:12:19.0546 0196 avipbb - ok
20:12:19.0562 0196 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:12:19.0578 0196 avkmgr - ok
20:12:19.0640 0196 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:12:19.0781 0196 Beep - ok
20:12:19.0828 0196 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
20:12:19.0921 0196 BITS - ok
20:12:20.0015 0196 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
20:12:20.0031 0196 Bonjour Service - ok
20:12:20.0109 0196 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
20:12:20.0187 0196 Browser - ok
20:12:20.0234 0196 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
20:12:20.0281 0196 BrScnUsb - ok
20:12:20.0312 0196 [ 1A5FC78E41840EDF79D65EC16EFF2787 ] BrSerIf C:\WINDOWS\system32\Drivers\BrSerIf.sys
20:12:20.0328 0196 BrSerIf - ok
20:12:20.0343 0196 [ A24C7B39602218F8DBDB2B6704325FC7 ] BrUsbSer C:\WINDOWS\system32\Drivers\BrUsbSer.sys
20:12:20.0359 0196 BrUsbSer - ok
20:12:20.0375 0196 C-Dilla - ok
20:12:20.0531 0196 catchme - ok
20:12:20.0578 0196 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:12:20.0703 0196 cbidf2k - ok
20:12:20.0703 0196 cd20xrnt - ok
20:12:20.0734 0196 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:12:20.0859 0196 Cdaudio - ok
20:12:20.0890 0196 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:12:20.0968 0196 Cdfs - ok
20:12:21.0000 0196 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:12:21.0093 0196 Cdrom - ok
20:12:21.0093 0196 Changer - ok
20:12:21.0140 0196 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:12:21.0234 0196 CiSvc - ok
20:12:21.0234 0196 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:12:21.0328 0196 ClipSrv - ok
20:12:21.0390 0196 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:12:21.0406 0196 clr_optimization_v2.0.50727_32 - ok
20:12:21.0453 0196 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:12:21.0468 0196 clr_optimization_v4.0.30319_32 - ok
20:12:21.0468 0196 CmdIde - ok
20:12:21.0484 0196 COMSysApp - ok
20:12:21.0500 0196 Cpqarray - ok
20:12:21.0500 0196 cpuz132 - ok
20:12:21.0531 0196 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:12:21.0625 0196 CryptSvc - ok
20:12:21.0640 0196 dac2w2k - ok
20:12:21.0656 0196 dac960nt - ok
20:12:21.0703 0196 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:12:21.0750 0196 DcomLaunch - ok
20:12:21.0765 0196 dgderdrv - ok
20:12:21.0796 0196 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:12:21.0906 0196 Dhcp - ok
20:12:21.0937 0196 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:12:22.0015 0196 Disk - ok
20:12:22.0015 0196 dmadmin - ok
20:12:22.0046 0196 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:12:22.0187 0196 dmboot - ok
20:12:22.0218 0196 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:12:22.0328 0196 dmio - ok
20:12:22.0343 0196 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:12:22.0421 0196 dmload - ok
20:12:22.0468 0196 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:12:22.0562 0196 dmserver - ok
20:12:22.0593 0196 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:12:22.0671 0196 DMusic - ok
20:12:22.0718 0196 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:12:22.0812 0196 Dnscache - ok
20:12:22.0843 0196 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
20:12:22.0921 0196 Dot3svc - ok
20:12:22.0937 0196 dpti2o - ok
20:12:22.0984 0196 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:12:23.0078 0196 drmkaud - ok
20:12:23.0093 0196 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:12:23.0187 0196 EapHost - ok
20:12:23.0234 0196 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:12:23.0312 0196 ERSvc - ok
20:12:23.0343 0196 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
20:12:23.0359 0196 Eventlog - ok
20:12:23.0421 0196 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
20:12:23.0468 0196 EventSystem - ok
20:12:23.0515 0196 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:12:23.0609 0196 Fastfat - ok
20:12:23.0656 0196 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:12:23.0734 0196 FastUserSwitchingCompatibility - ok
20:12:23.0781 0196 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
20:12:23.0875 0196 Fdc - ok
20:12:23.0906 0196 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:12:23.0984 0196 Fips - ok
20:12:24.0031 0196 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:12:24.0046 0196 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
20:12:24.0046 0196 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
20:12:24.0078 0196 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
20:12:24.0171 0196 Flpydisk - ok
20:12:24.0218 0196 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:12:24.0328 0196 FltMgr - ok
20:12:24.0406 0196 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:12:24.0406 0196 FontCache3.0.0.0 - ok
20:12:24.0437 0196 [ B07663A810E861EEBFD0EAC7E82CA62D ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
20:12:24.0453 0196 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
20:12:24.0453 0196 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
20:12:24.0515 0196 [ F96C429788350DB4BA6771C3034DFD88 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
20:12:24.0546 0196 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
20:12:24.0546 0196 FsUsbExService - detected UnsignedFile.Multi.Generic (1)
20:12:24.0578 0196 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:12:24.0687 0196 Fs_Rec - ok
20:12:24.0718 0196 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:12:24.0812 0196 Ftdisk - ok
20:12:24.0890 0196 [ 5C230948DD6652228F88CA7AE6CB276C ] gdrv C:\WINDOWS\gdrv.sys
20:12:24.0890 0196 gdrv - ok
20:12:24.0937 0196 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:12:24.0937 0196 GEARAspiWDM - ok
20:12:24.0968 0196 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:12:25.0062 0196 Gpc - ok
20:12:25.0156 0196 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca9901ce7e34b8 C:\Programme\Google\Update\GoogleUpdate.exe
20:12:25.0171 0196 gupdate1ca9901ce7e34b8 - ok
20:12:25.0171 0196 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
20:12:25.0187 0196 gupdatem - ok
20:12:25.0234 0196 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:12:25.0296 0196 HDAudBus - ok
20:12:25.0390 0196 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:12:25.0484 0196 helpsvc - ok
20:12:25.0531 0196 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
20:12:25.0625 0196 HidServ - ok
20:12:25.0671 0196 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:12:25.0765 0196 hidusb - ok
20:12:25.0796 0196 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:12:25.0890 0196 hkmsvc - ok
20:12:25.0890 0196 hpn - ok
20:12:25.0937 0196 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:12:25.0984 0196 HTTP - ok
20:12:26.0015 0196 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:12:26.0093 0196 HTTPFilter - ok
20:12:26.0093 0196 i2omgmt - ok
20:12:26.0109 0196 i2omp - ok
20:12:26.0140 0196 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:12:26.0234 0196 i8042prt - ok
20:12:26.0421 0196 [ BFFA387180121DF1E4646C4CED3E16CA ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
20:12:26.0609 0196 ialm - ok
20:12:26.0671 0196 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:12:26.0718 0196 idsvc - ok
20:12:26.0750 0196 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:12:26.0843 0196 Imapi - ok
20:12:26.0906 0196 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
20:12:26.0984 0196 ImapiService - ok
20:12:27.0000 0196 ini910u - ok
20:12:27.0156 0196 [ 08BAF30F6DE95814F58AF9CE7BBC5614 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:12:27.0328 0196 IntcAzAudAddService - ok
20:12:27.0328 0196 IntelIde - ok
20:12:27.0375 0196 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:12:27.0484 0196 intelppm - ok
20:12:27.0484 0196 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
20:12:27.0562 0196 Ip6Fw - ok
20:12:27.0593 0196 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:12:27.0703 0196 IpFilterDriver - ok
20:12:27.0734 0196 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:12:27.0812 0196 IpInIp - ok
20:12:27.0859 0196 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:12:27.0937 0196 IpNat - ok
20:12:28.0000 0196 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Programme\iPod\bin\iPodService.exe
20:12:28.0031 0196 iPod Service - ok
20:12:28.0093 0196 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:12:28.0187 0196 IPSec - ok
20:12:28.0203 0196 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:12:28.0296 0196 IRENUM - ok
20:12:28.0343 0196 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:12:28.0437 0196 isapnp - ok
20:12:28.0593 0196 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\PROGRAM FILES\Programme\java\bin\jqs.exe
20:12:28.0609 0196 JavaQuickStarterService - ok
20:12:28.0625 0196 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:12:28.0718 0196 Kbdclass - ok
20:12:28.0750 0196 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:12:28.0843 0196 kbdhid - ok
20:12:28.0875 0196 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:12:28.0968 0196 kmixer - ok
20:12:29.0000 0196 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:12:29.0078 0196 KSecDD - ok
20:12:29.0125 0196 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:12:29.0171 0196 lanmanserver - ok
20:12:29.0218 0196 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:12:29.0281 0196 lanmanworkstation - ok
20:12:29.0281 0196 lbrtfdc - ok
20:12:29.0359 0196 [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
20:12:29.0375 0196 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:12:29.0375 0196 LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:12:29.0421 0196 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:12:29.0515 0196 LmHosts - ok
20:12:29.0671 0196 [ 6BA4B7D9FB5B73FE3ADA1319EADA2210 ] M4-Service C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\M4-Service.exe
20:12:29.0718 0196 M4-Service - ok
20:12:29.0828 0196 [ 8665FA986641C854B1A05AD09CEF7372 ] MAGIX StartUp Analyze Service C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe
20:12:29.0859 0196 MAGIX StartUp Analyze Service ( UnsignedFile.Multi.Generic ) - warning
20:12:29.0859 0196 MAGIX StartUp Analyze Service - detected UnsignedFile.Multi.Generic (1)
20:12:29.0875 0196 massfilter - ok
20:12:29.0875 0196 massfilter_hs - ok
20:12:29.0906 0196 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
20:12:29.0921 0196 MBAMProtector - ok
20:12:29.0984 0196 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:12:30.0000 0196 MBAMScheduler - ok
20:12:30.0046 0196 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
20:12:30.0062 0196 MBAMService - ok
20:12:30.0171 0196 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe
20:12:30.0187 0196 McComponentHostService - ok
20:12:30.0218 0196 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:12:30.0312 0196 Messenger - ok
20:12:30.0375 0196 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
20:12:30.0390 0196 Microsoft Office Groove Audit Service - ok
20:12:30.0437 0196 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:12:30.0546 0196 mnmdd - ok
20:12:30.0593 0196 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:12:30.0671 0196 mnmsrvc - ok
20:12:30.0703 0196 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:12:30.0781 0196 Modem - ok
20:12:30.0812 0196 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:12:30.0890 0196 Mouclass - ok
20:12:30.0921 0196 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:12:31.0046 0196 mouhid - ok
20:12:31.0062 0196 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:12:31.0140 0196 MountMgr - ok
20:12:31.0218 0196 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
20:12:31.0265 0196 MozillaMaintenance - ok
20:12:31.0265 0196 mraid35x - ok
20:12:31.0312 0196 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:12:31.0406 0196 MRxDAV - ok
20:12:31.0453 0196 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:12:31.0500 0196 MRxSmb - ok
20:12:31.0531 0196 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:12:31.0609 0196 MSDTC - ok
20:12:31.0609 0196 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:12:31.0718 0196 Msfs - ok
20:12:31.0734 0196 MSIServer - ok
20:12:31.0750 0196 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:12:31.0828 0196 MSKSSRV - ok
20:12:31.0875 0196 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:12:31.0953 0196 MSPCLOCK - ok
20:12:31.0984 0196 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:12:32.0046 0196 MSPQM - ok
20:12:32.0093 0196 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:12:32.0187 0196 mssmbios - ok
20:12:32.0234 0196 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:12:32.0281 0196 Mup - ok
20:12:32.0328 0196 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
20:12:32.0406 0196 napagent - ok
20:12:32.0546 0196 [ 87A00FAEDD703D8D2BDCB29CE5EEEA6B ] NBService C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
20:12:32.0578 0196 NBService ( UnsignedFile.Multi.Generic ) - warning
20:12:32.0578 0196 NBService - detected UnsignedFile.Multi.Generic (1)
20:12:32.0640 0196 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:12:32.0734 0196 NDIS - ok
20:12:32.0781 0196 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:12:32.0812 0196 NdisTapi - ok
20:12:32.0875 0196 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:12:32.0984 0196 Ndisuio - ok
20:12:32.0984 0196 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:12:33.0093 0196 NdisWan - ok
20:12:33.0140 0196 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:12:33.0171 0196 NDProxy - ok
20:12:33.0203 0196 [ 1352E1648213551923A0A822E441553C ] Netaapl C:\WINDOWS\system32\DRIVERS\netaapl.sys
20:12:33.0281 0196 Netaapl - ok
20:12:33.0312 0196 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:12:33.0406 0196 NetBIOS - ok
20:12:33.0453 0196 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:12:33.0546 0196 NetBT - ok
20:12:33.0593 0196 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
20:12:33.0671 0196 NetDDE - ok
20:12:33.0687 0196 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:12:33.0765 0196 NetDDEdsdm - ok
20:12:33.0812 0196 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:12:33.0906 0196 Netlogon - ok
20:12:33.0953 0196 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
20:12:34.0046 0196 Netman - ok
20:12:34.0109 0196 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:12:34.0125 0196 NetTcpPortSharing - ok
20:12:34.0281 0196 [ 70B5B4E69A07895DF30291CAB6ABDA54 ] Netzmanager Service C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
20:12:34.0406 0196 Netzmanager Service ( UnsignedFile.Multi.Generic ) - warning
20:12:34.0406 0196 Netzmanager Service - detected UnsignedFile.Multi.Generic (1)
20:12:34.0437 0196 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
20:12:34.0484 0196 Nla - ok
20:12:34.0500 0196 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:12:34.0609 0196 Npfs - ok
20:12:34.0656 0196 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:12:34.0765 0196 Ntfs - ok
20:12:34.0796 0196 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:12:34.0859 0196 NtLmSsp - ok
20:12:34.0906 0196 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:12:35.0000 0196 NtmsSvc - ok
20:12:35.0031 0196 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:12:35.0156 0196 Null - ok
20:12:35.0187 0196 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:12:35.0281 0196 NwlnkFlt - ok
20:12:35.0296 0196 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:12:35.0390 0196 NwlnkFwd - ok
20:12:35.0515 0196 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
20:12:35.0531 0196 odserv - ok
20:12:35.0562 0196 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
20:12:35.0578 0196 ose - ok
20:12:35.0609 0196 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:12:35.0703 0196 Parport - ok
20:12:35.0750 0196 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:12:35.0828 0196 PartMgr - ok
20:12:35.0890 0196 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:12:35.0984 0196 ParVdm - ok
20:12:36.0015 0196 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:12:36.0109 0196 PCI - ok
20:12:36.0125 0196 PCIDump - ok
20:12:36.0140 0196 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:12:36.0234 0196 PCIIde - ok
20:12:36.0250 0196 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:12:36.0328 0196 Pcmcia - ok
20:12:36.0421 0196 [ 7EB95AA73D657A2DA9D8CFC336F4F48F ] PCSUService C:\Programme\PC Beschleunigen\PCSUService.exe
20:12:36.0437 0196 PCSUService ( UnsignedFile.Multi.Generic ) - warning
20:12:36.0437 0196 PCSUService - detected UnsignedFile.Multi.Generic (1)
20:12:36.0437 0196 PDCOMP - ok
20:12:36.0453 0196 PDFRAME - ok
20:12:36.0453 0196 PDNMp50 - ok
20:12:36.0468 0196 PDNSp50 - ok
20:12:36.0468 0196 PDRELI - ok
20:12:36.0468 0196 PDRFRAME - ok
20:12:36.0484 0196 perc2 - ok
20:12:36.0484 0196 perc2hib - ok
20:12:36.0734 0196 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
20:12:36.0750 0196 PEVSystemStart ( UnsignedFile.Multi.Generic ) - warning
20:12:36.0750 0196 PEVSystemStart - detected UnsignedFile.Multi.Generic (1)
20:12:36.0765 0196 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
20:12:36.0812 0196 PlugPlay - ok
20:12:36.0812 0196 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:12:36.0890 0196 PolicyAgent - ok
20:12:36.0937 0196 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:12:37.0031 0196 PptpMiniport - ok
20:12:37.0062 0196 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:12:37.0140 0196 ProtectedStorage - ok
20:12:37.0140 0196 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:12:37.0250 0196 PSched - ok
20:12:37.0265 0196 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:12:37.0375 0196 Ptilink - ok
20:12:37.0421 0196 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:12:37.0437 0196 PxHelp20 - ok
20:12:37.0437 0196 ql1080 - ok
20:12:37.0437 0196 Ql10wnt - ok
20:12:37.0453 0196 ql12160 - ok
20:12:37.0453 0196 ql1240 - ok
20:12:37.0468 0196 ql1280 - ok
20:12:37.0484 0196 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:12:37.0593 0196 RasAcd - ok
20:12:37.0625 0196 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:12:37.0687 0196 RasAuto - ok
20:12:37.0718 0196 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:12:37.0796 0196 Rasl2tp - ok
20:12:37.0843 0196 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:12:37.0937 0196 RasMan - ok
20:12:37.0968 0196 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:12:38.0046 0196 RasPppoe - ok
20:12:38.0046 0196 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:12:38.0187 0196 Raspti - ok
20:12:38.0234 0196 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:12:38.0328 0196 Rdbss - ok
20:12:38.0359 0196 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:12:38.0468 0196 RDPCDD - ok
20:12:38.0500 0196 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:12:38.0593 0196 rdpdr - ok
20:12:38.0640 0196 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:12:38.0703 0196 RDPWD - ok
20:12:38.0750 0196 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:12:38.0843 0196 RDSessMgr - ok
20:12:38.0859 0196 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:12:38.0937 0196 redbook - ok
20:12:38.0968 0196 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:12:39.0062 0196 RemoteAccess - ok
20:12:39.0093 0196 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:12:39.0203 0196 RemoteRegistry - ok
20:12:39.0218 0196 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
20:12:39.0312 0196 ROOTMODEM - ok
20:12:39.0343 0196 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:12:39.0406 0196 RpcLocator - ok
20:12:39.0453 0196 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:12:39.0484 0196 RpcSs - ok
20:12:39.0531 0196 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:12:39.0625 0196 RSVP - ok
20:12:39.0656 0196 [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
20:12:39.0718 0196 RTLE8023xp - ok
20:12:39.0750 0196 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
20:12:39.0812 0196 SamSs - ok
20:12:39.0859 0196 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:12:39.0953 0196 SCardSvr - ok
20:12:40.0000 0196 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:12:40.0093 0196 Schedule - ok
20:12:40.0109 0196 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:12:40.0171 0196 Secdrv - ok
20:12:40.0218 0196 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
20:12:40.0312 0196 seclogon - ok
20:12:40.0328 0196 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
20:12:40.0421 0196 SENS - ok
20:12:40.0453 0196 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:12:40.0546 0196 serenum - ok
20:12:40.0546 0196 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:12:40.0625 0196 Serial - ok
20:12:40.0687 0196 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:12:40.0781 0196 Sfloppy - ok
20:12:40.0828 0196 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:12:40.0937 0196 SharedAccess - ok
20:12:40.0968 0196 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:12:40.0984 0196 ShellHWDetection - ok
20:12:40.0984 0196 Simbad - ok
20:12:41.0000 0196 Sparrow - ok
20:12:41.0046 0196 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:12:41.0140 0196 splitter - ok
20:12:41.0187 0196 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:12:41.0234 0196 Spooler - ok
20:12:41.0265 0196 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:12:41.0359 0196 sr - ok
20:12:41.0406 0196 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
20:12:41.0500 0196 srservice - ok
20:12:41.0781 0196 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:12:41.0843 0196 Srv - ok
20:12:41.0875 0196 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:12:41.0968 0196 SSDPSRV - ok
20:12:42.0015 0196 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:12:42.0031 0196 ssmdrv - ok
20:12:42.0093 0196 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:12:42.0203 0196 stisvc - ok
20:12:42.0234 0196 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:12:42.0328 0196 swenum - ok
20:12:42.0359 0196 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:12:42.0453 0196 swmidi - ok
20:12:42.0453 0196 SwPrv - ok
20:12:42.0468 0196 symc810 - ok
20:12:42.0484 0196 symc8xx - ok
20:12:42.0484 0196 sym_hi - ok
20:12:42.0500 0196 sym_u3 - ok
20:12:42.0515 0196 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:12:42.0609 0196 sysaudio - ok
20:12:42.0640 0196 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:12:42.0734 0196 SysmonLog - ok
20:12:42.0750 0196 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:12:42.0828 0196 TapiSrv - ok
20:12:42.0890 0196 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:12:42.0921 0196 Tcpip - ok
20:12:42.0968 0196 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:12:43.0031 0196 TDPIPE - ok
20:12:43.0046 0196 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:12:43.0125 0196 TDTCP - ok
20:12:43.0171 0196 [ 5D528200679C3B4595B4237E02C077D5 ] TelekomNM3 C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys
20:12:43.0187 0196 TelekomNM3 - ok
20:12:43.0234 0196 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:12:43.0343 0196 TermDD - ok
20:12:43.0375 0196 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
20:12:43.0468 0196 TermService - ok
20:12:43.0500 0196 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:12:43.0515 0196 Themes - ok
20:12:43.0562 0196 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:12:43.0640 0196 TlntSvr - ok
20:12:43.0640 0196 TosIde - ok
20:12:43.0671 0196 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:12:43.0781 0196 TrkWks - ok
20:12:43.0906 0196 [ 75E9D9B9E1C268697DA56EFF1A578F68 ] TuneUp.UtilitiesSvc C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
20:12:43.0984 0196 TuneUp.UtilitiesSvc - ok
20:12:44.0015 0196 [ 94C4CD2D19B8C4137A46261F229FEC24 ] TuneUpUtilitiesDrv C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
20:12:44.0031 0196 TuneUpUtilitiesDrv - ok
20:12:44.0046 0196 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:12:44.0125 0196 Udfs - ok
20:12:44.0125 0196 ultra - ok
20:12:44.0187 0196 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:12:44.0265 0196 Update - ok
20:12:44.0296 0196 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:12:44.0390 0196 upnphost - ok
20:12:44.0390 0196 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
20:12:44.0484 0196 UPS - ok
20:12:44.0515 0196 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
20:12:44.0546 0196 USBAAPL - ok
20:12:44.0578 0196 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:12:44.0656 0196 usbccgp - ok
20:12:44.0703 0196 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:12:44.0796 0196 usbehci - ok
20:12:44.0843 0196 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:12:44.0937 0196 usbhub - ok
20:12:44.0953 0196 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:12:45.0031 0196 usbprint - ok
20:12:45.0046 0196 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:12:45.0125 0196 usbscan - ok
20:12:45.0156 0196 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:12:45.0234 0196 USBSTOR - ok
20:12:45.0265 0196 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:12:45.0359 0196 usbuhci - ok
20:12:45.0375 0196 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:12:45.0453 0196 VgaSave - ok
20:12:45.0453 0196 ViaIde - ok
20:12:45.0500 0196 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:12:45.0593 0196 VolSnap - ok
20:12:45.0625 0196 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
20:12:45.0703 0196 VSS - ok
20:12:45.0734 0196 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
20:12:45.0828 0196 W32Time - ok
20:12:45.0859 0196 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:12:45.0953 0196 Wanarp - ok
20:12:45.0984 0196 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
20:12:46.0015 0196 Wdf01000 - ok
20:12:46.0015 0196 WDICA - ok
20:12:46.0062 0196 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:12:46.0156 0196 wdmaud - ok
20:12:46.0203 0196 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:12:46.0296 0196 WebClient - ok
20:12:46.0390 0196 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:12:46.0500 0196 winmgmt - ok
20:12:46.0531 0196 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
20:12:46.0562 0196 WmdmPmSN - ok
20:12:46.0609 0196 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:12:46.0640 0196 Wmi - ok
20:12:46.0703 0196 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:12:46.0796 0196 WmiApSrv - ok
20:12:46.0812 0196 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
20:12:46.0843 0196 WpdUsb - ok
20:12:46.0921 0196 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:12:46.0968 0196 WPFFontCache_v0400 - ok
20:12:47.0015 0196 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:12:47.0140 0196 WS2IFSL - ok
20:12:47.0171 0196 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:12:47.0281 0196 wscsvc - ok
20:12:47.0312 0196 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:12:47.0421 0196 wuauserv - ok
20:12:47.0453 0196 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:12:47.0515 0196 WudfPf - ok
20:12:47.0531 0196 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:12:47.0546 0196 WudfRd - ok
20:12:47.0562 0196 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:12:47.0578 0196 WudfSvc - ok
20:12:47.0640 0196 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:12:47.0750 0196 WZCSVC - ok
20:12:47.0765 0196 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:12:47.0843 0196 xmlprov - ok
20:12:47.0859 0196 ZTEusbmdm6k - ok
20:12:47.0859 0196 ZTEusbnmea - ok
20:12:47.0875 0196 ZTEusbser6k - ok
20:12:47.0875 0196 ================ Scan global ===============================
20:12:47.0921 0196 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
20:12:47.0984 0196 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
20:12:48.0000 0196 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
20:12:48.0015 0196 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
20:12:48.0015 0196 [Global] - ok
20:12:48.0015 0196 ================ Scan MBR ==================================
20:12:48.0031 0196 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
20:12:48.0265 0196 \Device\Harddisk0\DR0 - ok
20:12:48.0265 0196 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
20:12:48.0484 0196 \Device\Harddisk1\DR1 - ok
20:12:48.0484 0196 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR4
20:12:48.0921 0196 \Device\Harddisk2\DR4 - ok
20:12:48.0921 0196 ================ Scan VBR ==================================
20:12:48.0953 0196 [ 1D3234191EDA35F04DA960014B301FBD ] \Device\Harddisk0\DR0\Partition1
20:12:48.0953 0196 \Device\Harddisk0\DR0\Partition1 - ok
20:12:48.0968 0196 [ E31467C0EFC1F16F0F534139FE05475A ] \Device\Harddisk1\DR1\Partition1
20:12:48.0968 0196 \Device\Harddisk1\DR1\Partition1 - ok
20:12:48.0968 0196 [ BDBD4568258C1B2B359F6447A0D610B4 ] \Device\Harddisk2\DR4\Partition1
20:12:48.0968 0196 \Device\Harddisk2\DR4\Partition1 - ok
20:12:48.0968 0196 ============================================================
20:12:48.0968 0196 Scan finished
20:12:48.0968 0196 ============================================================
20:12:49.0078 2740 Detected object count: 9
20:12:49.0078 2740 Actual detected object count: 9
20:19:33.0687 2740 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:33.0687 2740 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:33.0687 2740 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:33.0687 2740 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:33.0703 2740 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:33.0703 2740 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:33.0703 2740 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:33.0703 2740 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:33.0703 2740 MAGIX StartUp Analyze Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:33.0703 2740 MAGIX StartUp Analyze Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:33.0703 2740 NBService ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:33.0703 2740 NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:33.0703 2740 Netzmanager Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:33.0703 2740 Netzmanager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:33.0718 2740 PCSUService ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:33.0718 2740 PCSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:33.0718 2740 PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:33.0718 2740 PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip

schrauber · 31.05.2013, 19:25

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Dann poste mal bitte ein frisches OTL logfile

julihe · 31.05.2013, 20:18

Ahaaa!

So geht das also...

hier das OTL
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 31.05.2013 21:09:25 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\julia\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 45,18% Memory free
3,84 Gb Paging File | 2,86 Gb Available in Paging File | 74,38% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 59,96 Gb Free Space | 25,75% Space Free | Partition Type: NTFS
Drive D: | 825,94 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 149,04 Gb Total Space | 38,30 Gb Free Space | 25,70% Space Free | Partition Type: NTFS
 
Computer Name: JULE | User Name: julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.05.29 08:25:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\Downloads\OTL.exe
PRC - [2013.05.22 21:10:46 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2013.05.07 13:37:26 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.05.07 13:37:25 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\PROGRAM FILES\Programme\java\bin\jqs.exe
PRC - [2013.03.30 10:47:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.30 10:47:00 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.03.30 10:46:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Dropbox\bin\Dropbox.exe
PRC - [2013.03.12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2013.02.23 20:16:58 | 001,297,728 | ---- | M] (Spigot, Inc.) -- C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
PRC - [2013.02.23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2013.02.05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012.11.30 04:06:58 | 001,263,512 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2012.11.29 17:06:12 | 001,926,496 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
PRC - [2012.11.29 17:06:10 | 001,723,744 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
PRC - [2012.06.20 13:18:08 | 001,568,976 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011.10.24 09:53:38 | 002,565,632 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
PRC - [2011.07.20 13:37:54 | 000,206,336 | ---- | M] () -- C:\Programme\PC Beschleunigen\PCSUService.exe
PRC - [2010.11.08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
PRC - [2010.09.06 09:11:32 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 15:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2006.11.16 20:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.11.16 19:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006.10.19 14:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.22 21:10:45 | 003,128,728 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2013.05.17 14:25:57 | 017,403,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b6efe2639cf6d0f305cf4cb8d0a34304\System.ServiceModel.ni.dll
MOD - [2013.05.17 14:25:37 | 001,071,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e8172ec65cbfc6cb540889acb30f44a7\System.IdentityModel.ni.dll
MOD - [2013.05.16 21:34:42 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll
MOD - [2013.03.02 10:21:22 | 000,397,704 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2013.02.14 01:44:56 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
MOD - [2013.02.14 01:44:01 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dll
MOD - [2013.02.14 01:43:15 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll
MOD - [2013.02.14 01:39:46 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
MOD - [2013.02.14 01:38:53 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013.02.14 01:35:26 | 005,457,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\edec0bc06ef52e1842953fd90020e190\System.Xml.ni.dll
MOD - [2013.02.14 01:35:07 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2012.11.30 04:07:48 | 000,100,248 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2012.11.30 04:06:58 | 001,263,512 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.20 13:37:54 | 000,206,336 | ---- | M] () -- C:\Programme\PC Beschleunigen\PCSUService.exe
MOD - [2010.11.08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
MOD - [2010.11.04 12:21:28 | 000,635,904 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MFL_U_VC9.DLL
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.09.05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\PlayRIpl.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.05.22 21:10:46 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.15 08:02:29 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.07 13:37:26 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\PROGRAM FILES\Programme\java\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.03.30 10:47:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.30 10:46:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013.02.05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013.01.14 13:13:40 | 001,008,984 | ---- | M] () [Auto | Stopped] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4\M4-Service.exe -- (M4-Service)
SRV - [2012.11.29 17:06:10 | 001,723,744 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.10.24 09:53:38 | 002,565,632 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV - [2011.07.20 13:37:54 | 000,206,336 | ---- | M] () [Auto | Running] -- C:\Programme\PC Beschleunigen\PCSUService.exe -- (PCSUService)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.06.26 08:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
SRV - [2010.11.04 12:45:14 | 000,186,368 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe -- (MAGIX StartUp Analyze Service)
SRV - [2010.09.06 09:11:32 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.04.28 10:23:08 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.10.19 14:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDNSp50.sys -- (PDNSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDNMp50.sys -- (PDNMp50)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Running] -- C:\DOKUME~1\julia\LOKALE~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\julia\LOKALE~1\Temp\catchme.sys -- (catchme)
DRV - [2013.05.28 20:25:22 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.03.30 10:47:10 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.03.30 10:47:10 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.03.30 10:47:10 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.03.02 10:21:32 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.11.16 17:38:46 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.05.10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010.09.16 17:02:33 | 000,035,040 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys -- (TelekomNM3)
DRV - [2010.09.06 09:11:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008.02.14 11:04:06 | 004,676,096 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.01.03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher={Publisher}&dpid={DownloadProvider}&co={CountryTwoLettersISO}&userid={InstallationHashID}&affid={affid}&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=hp&exp=true
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\7.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=8cf66f9e-a7b3-484e-abd6-34e597f69a5e&searchtype=ds&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
IE - HKCU\..\SearchScopes\{1E2ECAF3-66E0-4385-A499-AB68B500433A}: "URL" = hxxp://de.search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=971163&ilc=12&p={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\{F7D9008E-FD82-417F-96C2-7D60B52B9B48}: "URL" = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
IE - HKCU\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = hxxp://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=de&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com Search"
FF - prefs.js..browser.search.defaultenginename: "Ask.com Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/webhp?hl=de&tab=Xw"
FF - prefs.js..extensions.enabledAddons: save-as-pdf-ff%40pdfcrowd.com:1.5
FF - prefs.js..extensions.enabledAddons: %7B872b5b88-9db5-4310-bdd0-ac189557e5f5%7D:3.18.0.7
FF - prefs.js..extensions.enabledAddons: printPages2Pdf%40reinhold.ripper:0.1.9.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\PROGRAM FILES\Programme\java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Programme\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\opencandy.com/Ignite: C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Ignite\npOCDM.1.1.4.0.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.02.10 12:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\ff\ [2013.03.01 16:58:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.05.22 21:10:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.28 20:43:46 | 000,000,000 | ---D | M]
 
[2009.03.02 09:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Extensions
[2013.05.28 21:01:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions
[2013.02.12 08:01:11 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.05.28 12:49:16 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\engine@conduit.com
[2013.03.29 16:25:43 | 000,000,000 | ---D | M] (Print pages to PDF) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\printPages2Pdf@reinhold.ripper
[2012.11.04 19:29:14 | 000,057,194 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\save-as-pdf-ff@pdfcrowd.com.xpi
[2012.12.15 14:39:42 | 000,036,139 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.05.28 21:01:03 | 000,870,680 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.14 13:48:53 | 000,002,306 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\searchplugins\askcomsearch.xml
[2010.06.29 10:18:14 | 000,000,873 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\searchplugins\conduit.xml
[2012.06.27 08:23:57 | 000,015,693 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mozilla\Firefox\Profiles\niq33j4c.default\searchplugins\Web Search.xml
[2013.05.22 21:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.22 21:10:48 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U18 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Move Networks\plugins\071803000001\npqmp071803000001.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Programme\Panda Security\ActiveScan 2.0\npwrapper.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programme\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.24169_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2002.12.31 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\PROGRAM FILES\Programme\java\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\7.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\PROGRAM FILES\Programme\java\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\7.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [GEST] m’|\ü File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\julia\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7D46865-2141-454F-82C8-CD80D9C5D3EE}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - file:///C:/DOKUME~1/julia/LOKALE~1/Temp/msohtml1/01/clip_image001.jpg
O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.28 17:08:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.11.17 19:19:46 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.31 17:30:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Desktop\RK_Quarantine
[2013.05.31 16:37:49 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.05.30 20:13:06 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013.05.30 19:48:54 | 000,000,000 | --SD | C] -- C:\NoMbr.exe
[2013.05.30 19:47:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.30 19:36:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Malwarebytes
[2013.05.30 19:31:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.05.30 19:31:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.05.30 19:31:17 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.05.30 19:31:17 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.05.30 09:28:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Live Add-in
[2013.05.30 09:28:17 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2013.05.29 10:23:48 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.05.29 10:19:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.05.29 10:19:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.05.29 10:19:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.05.29 10:19:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.05.29 10:18:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.05.29 09:02:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013.05.28 20:29:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HitmanPro
[2013.05.24 11:27:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Desktop\Neuer Ordner
[2013.05.23 23:12:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\dm-Fotowelt
[2013.05.23 22:55:51 | 000,000,000 | ---D | C] -- C:\Programme\dm
[2013.05.23 22:51:57 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.05.23 19:57:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Desktop\LONDON
[2013.05.22 21:41:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\PCSpeedUp
[2013.05.22 21:40:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\MAGIX_MxTray
[2013.05.22 21:35:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\OnDemandDump
[2013.05.22 21:35:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\julia\Eigene Dateien\CrashLog
[2013.05.22 21:34:42 | 000,000,000 | ---D | C] -- C:\Programme\MAGIX
[2013.05.22 21:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAGIX
[2013.05.22 21:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2013.05.22 21:10:34 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[37 C:\Dokumente und Einstellungen\julia\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\julia\Desktop\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.31 21:13:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013.05.31 21:02:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.31 20:52:33 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.31 20:52:33 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\PCCT - MAGIX AG.job
[2013.05.31 20:52:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.31 19:50:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.31 17:30:15 | 000,816,128 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Desktop\RogueKiller_8.5.4.exe
[2013.05.30 19:31:20 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.29 22:10:49 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.05.29 10:23:54 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.05.29 08:36:24 | 000,002,495 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\Desktop\Microsoft Word.lnk
[2013.05.29 08:23:53 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\julia\defogger_reenable
[2013.05.28 20:43:47 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.05.28 20:25:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.23 23:12:20 | 000,000,766 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CEWE FOTOSCHAU.lnk
[2013.05.23 23:12:20 | 000,000,751 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\dm-Fotowelt.lnk
[2013.05.23 10:14:26 | 000,000,432 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2013.05.23 08:09:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.05.22 21:35:06 | 000,000,782 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2013.05.17 14:17:17 | 001,610,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.16 21:34:16 | 000,535,028 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.05.16 21:34:16 | 000,508,616 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.16 21:34:16 | 000,108,786 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.05.16 21:34:16 | 000,090,202 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.16 21:28:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.05.07 21:21:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2013.05.07 21:21:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[37 C:\Dokumente und Einstellungen\julia\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\julia\Desktop\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.31 17:30:14 | 000,816,128 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\Desktop\RogueKiller_8.5.4.exe
[2013.05.30 19:31:20 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.29 10:23:54 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.05.29 10:23:52 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.05.29 10:19:40 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.05.29 10:19:40 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.05.29 10:19:40 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.05.29 10:19:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.05.29 10:19:40 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.05.29 08:23:53 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\defogger_reenable
[2013.05.28 20:43:47 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.05.28 20:43:46 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2013.05.23 23:12:20 | 000,000,766 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CEWE FOTOSCHAU.lnk
[2013.05.23 23:12:20 | 000,000,751 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\dm-Fotowelt.lnk
[2013.05.22 21:35:10 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\PCCT - MAGIX AG.job
[2013.05.22 21:35:06 | 000,000,782 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2013.05.07 21:21:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2013.05.07 21:21:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.12.01 11:45:39 | 000,010,455 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\JuliHe_elster_2048.pfx
[2012.10.20 19:08:28 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll
[2012.02.15 20:39:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.31 18:15:42 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.01.31 18:15:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.01.31 18:15:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.01.31 18:15:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012.01.02 13:40:40 | 000,043,684 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.10.03 18:33:15 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.08.21 22:37:19 | 001,376,818 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1229272821-1979792683-839522115-1003-0.dat
[2011.08.21 22:37:18 | 000,344,410 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.08.21 10:21:22 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.08.21 10:21:22 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.04.11 19:02:43 | 000,004,343 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\default.pls
[2009.05.13 12:44:27 | 000,026,624 | ---- | C] () -- C:\Dokumente und Einstellungen\julia\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2012.05.26 09:34:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.08.02 17:48:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ask
[2012.11.03 15:33:06 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2013.01.08 09:15:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2013.05.28 20:57:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HitmanPro
[2013.05.22 21:34:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2012.05.26 09:44:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Netzmanager
[2012.09.18 09:28:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2009.03.02 18:19:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2012.11.03 15:34:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2011.08.10 19:27:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.11.03 15:33:06 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.05.26 09:44:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{DD034EDF-8A92-4F84-A64A-26BF9B7AE354}
[2012.11.04 20:20:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\7-PDFSplitMerge
[2012.09.06 07:26:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\7-PDFWebsiteConverter
[2009.04.10 14:55:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Alien Skin
[2012.07.29 10:44:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\AskToolbar
[2012.11.03 09:15:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\BOM
[2013.05.31 20:54:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Dropbox
[2013.03.01 16:58:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\DVDVideoSoft
[2013.03.01 16:58:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\DVDVideoSoftIEHelpers
[2013.01.08 09:16:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\elsterformular
[2013.02.10 12:52:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Ignite
[2013.03.26 11:28:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\LibreOffice
[2013.03.26 11:01:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Mikogo 4
[2013.03.01 16:58:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\OpenCandy
[2012.08.02 17:47:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Oracle
[2011.10.03 18:33:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\pdfforge
[2012.08.18 10:17:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\PriceGong
[2012.01.11 00:48:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\SaalDesignSoftware
[2012.03.25 13:22:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Samsung
[2012.05.27 10:48:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\ScanSoft
[2013.03.06 21:49:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Search Settings
[2012.06.17 12:00:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Softland
[2011.02.04 12:46:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Telefónica
[2012.11.03 15:34:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\TuneUp Software
[2013.02.10 12:54:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\TuneUpMedia
[2013.05.19 22:50:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\julia\Anwendungsdaten\Zucy
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

Viele Grüße
Julia

29.05.2013, 19:05	#4
schrauber /// the machine /// TB-Ausbilder	ZeuS/ZBot Warnung, aber bisher kein Fund Schau mal unter C:\Combofix.txt oder ob es einen Ordner gibt C:\Qoobox. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

29.05.2013, 21:31	#6
schrauber /// the machine /// TB-Ausbilder	ZeuS/ZBot Warnung, aber bisher kein Fund Hossa Julia dann bitte wie folgt: Combofix löschen, neu laden, umbenennen in NoMbr.exe und laufen lassen. __________________ --> ZeuS/ZBot Warnung, aber bisher kein Fund

30.05.2013, 17:21	#8
schrauber /// the machine /// TB-Ausbilder	ZeuS/ZBot Warnung, aber bisher kein Fund Nee. Schau mal ob du jetzt C:\Combofix.txt findest. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

ZeuS/ZBot Warnung, aber bisher kein Fund

Log-Analyse und Auswertung: ZeuS/ZBot Warnung, aber bisher kein Fund