Trojaner-Board


annascott10 03.05.2012 18:58

I may have caught a trojan
 
Admittedly, I opened an attachment from a dubious e-mail. The text read roughly like this: "We are pleased that you have chosen the upgrade .... You will find the exact information on the cancellation period in the invoice in the attachment...".
I have since deleted the e-mail. But I am worried that I have caught a trojan or something similar. I cannot detect any signs of that (yet), though.
Following the guide on your homepage, I ran Malwarebytes and, as per item 3, also ran Defogger and GMER. The results are attached.
I would be very grateful if you would help me check my notebook and, if it is infected, tell me how I have to proceed now - I have no idea about any of this.

Many thanks for your commitment,
annascott10

cosinus 04.05.2012 11:27

Quote:

I have since deleted the e-mail.

Without running or opening the attachment?

annascott10 04.05.2012 18:25

No, I had opened the attachment first. It contained a text file with a note saying that the attachment had been deleted.

cosinus 04.05.2012 19:19

Please first run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) scanned!
Remember that Malwarebytes has to be updated manually before every scan! In addition, all findings must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

annascott10 08.05.2012 19:03

Hello, many thanks for the help so far. I have now run the full scan with Malwarebytes - the log file is attached - and also run the scan with ESET. Here is the log:
Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b7e3546f2a73cf4cb9e0c8057ad41125
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-05 01:47:13
# local_time=2012-05-05 03:47:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 10599610 173753405 0 0
# compatibility_mode=8192 67108863 100 0 1252 1252 0 0
# scanned=143826
# found=14
# cleaned=0
# scan_time=4956
C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL        Win32/Toolbar.MyWebSearch application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll        a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe        probably a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\christiane\AppData\Local\Temp\303B098D-BAB0-7891-AF4C-2A1CE172B86D\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\christiane\AppData\Local\Temp\48FC9CBE-BAB0-7891-A2F4-2F5ECE51165B\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\christiane\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\christiane\AppData\Local\Temp\InstallShare6929\bab_setup.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\christiane\AppData\Local\Temp\InstallShare9900\bab_setup.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
${Memory}        Win32/Toolbar.MyWebSearch application        00000000000000000000000000000000        I

What do I have to do next to get my notebook clean again?

Best regards,
annascott10
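
Added example, not part of the thread: a small Python parser for a scan log laid out like the ESET Online Scanner log posted above. It checks the header's `found` count against the finding rows and separates detections typed `application` from other types; the sample log is constructed, and reading `remove_checked` as the scanner's removal option is an assumption.

```python
import re
from collections import Counter

# Constructed sample in the layout of the log posted above (not the poster's data).
SAMPLE_LOG = r"""
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# remove_checked=false
# unwanted_checked=true
# scanned=1000
# found=4
# cleaned=0
C:\Program Files\ExampleBar\bar.dll        Win32/Toolbar.Example application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\ExampleBar\srv.exe        probably a variant of Win32/Toolbar.Example application (unable to clean)        00000000000000000000000000000000        I
C:\Users\user\AppData\Local\Temp\setup.exe        a variant of Win32/Sample.A trojan (unable to clean)        00000000000000000000000000000000        I
${Memory}        Win32/Toolbar.Example application        00000000000000000000000000000000        I
"""

# "# key=value" header lines written by the scanner.
HEADER_RE = re.compile(r"^#\s*([^=\s]+)\s*=\s*(.*)$")
# Columns are separated by tabs or by runs of spaces; paths may hold single spaces.
COLUMN_SPLIT_RE = re.compile(r"\t+| {2,}")
# "<qualifier> <detection name> <type> (<action>)"; qualifier and action are optional.
THREAT_RE = re.compile(
    r"^(?:(?P<qualifier>probably a variant of|a variant of)\s+)?"
    r"(?P<name>\S+)\s+(?P<kind>[^()]+?)"
    r"(?:\s+\((?P<action>[^)]*)\))?$"
)


def parse_eset_log(text):
    """Return (headers, findings) for a log in the layout shown above."""
    headers, findings = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = HEADER_RE.match(line)
        if header:
            # Repeated keys (e.g. compatibility_mode): the last one wins.
            headers[header.group(1)] = header.group(2).strip()
            continue
        cols = COLUMN_SPLIT_RE.split(line)
        if len(cols) < 2:
            continue  # banner lines such as "all ok"
        threat = THREAT_RE.match(cols[1])
        if threat:
            findings.append({"path": cols[0], **threat.groupdict()})
    return headers, findings


def summarize(text):
    """Triage view: counts per detection name and rows that need a closer look."""
    headers, findings = parse_eset_log(text)
    found = headers.get("found", "")
    declared = int(found) if found.isdigit() else None
    return {
        "declared_found": declared,
        # A mismatch means the pasted log is truncated or was edited.
        "count_matches": declared == len(findings),
        "by_name": Counter(f["name"] for f in findings),
        # Rows whose type is anything other than "application", the type
        # the log above gives to the toolbar findings.
        "non_application": [f for f in findings if f["kind"] != "application"],
        "unable_to_clean": [
            f for f in findings if f["action"] and "unable to clean" in f["action"]
        ],
        # Assumption: remove_checked mirrors the scanner's removal option.
        "removal_enabled": headers.get("remove_checked") == "true",
    }


if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    print("declared/parsed match:", result["count_matches"])
    print("removal enabled:", result["removal_enabled"])
    for name, count in result["by_name"].most_common():
        print(f"{count:3d}  {name}")
    for row in result["non_application"]:
        print("review first:", row["kind"], row["name"], row["path"])
```
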

cosinus 11.05.2012 08:55

I have two questions before we go on.

1.) Does normal mode work without restrictions?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

annascott10 11.05.2012 15:56

No, I am not missing anything in the Start menu, and there are no empty folders either. The PC works without restrictions; I cannot notice any delays, errors or anything else.

Best regards
annascott10

cosinus 11.05.2012 20:20

Please make a new OTL log. Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


annascott10 12.05.2012 07:34

Hello, here is the log from OTL:
OTL EXTRAS Logfile:
Code:

OTL Extras logfile created on: 12.05.2012 08:13:29 - Run 1
OTL by OldTimer - Version 3.2.42.3    Folder = C:\Users\christiane\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 63,07% Memory free
4,23 Gb Paging File | 3,46 Gb Available in Paging File | 81,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,96 Gb Total Space | 59,20 Gb Free Space | 43,22% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,83 Gb Free Space | 58,30% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: christiane | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3185368E-4405-4EAA-B2E9-F53797BC1B27}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{36AA5DFF-6184-4B8E-8D61-E184E754FD46}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{87BC782A-E7B3-4E36-8B6A-21EBD7B9208C}" = rport=2869 | protocol=6 | dir=out | app=system |
"{89F78D66-9BCD-44AA-93BA-72B2A7BB38F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8D4B297F-6160-4DB6-A7AD-7BE8009EAD86}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{9006FBE9-2889-48DE-8AA7-C20A1E5C82AA}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{93D11A58-A915-4057-AD15-31EA68096765}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C53E0AB7-5F75-42BF-92AC-B385642D1FBE}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D6ECF2D3-561E-483B-B2E3-E279AF8852DF}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D779662D-5749-41C8-BB41-BE57A43E082D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0070C48F-3B68-4B0B-B5AE-DB48C09ED3DB}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{04078E54-27F3-46A1-87E6-D9C505FBC031}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0578C329-E90A-4C42-BF40-C5F667BA1072}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1D6DD9BB-2424-4EF1-87CE-173B94904982}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{35B5052C-8E3F-4456-8122-BCA5D208A27D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{3DFD25B6-C22C-43E4-B772-949F3114E501}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{4BFC8CDC-A410-42C0-85B3-CCDD8D29CB6E}" = protocol=17 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |
"{6A0EE4F3-C568-46DD-A872-1C2D9799A579}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{898C581D-3B50-44F9-871E-FFB277582E3B}" = protocol=17 | dir=in | app=c:\program files\lexmark 1300 series\app4r.exe |
"{A4A23AF7-27EC-4C11-A762-48B684B1E1CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AC0C4A9F-F28E-4348-BFD1-93721D6C6081}" = protocol=6 | dir=in | app=c:\program files\lexmark 1300 series\app4r.exe |
"{AF51538F-4ECE-411D-87C9-7A57D55EE61F}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{B7754E91-B14A-4CE3-BBDF-884B31FD74CF}" = protocol=6 | dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{B82AC289-4DE8-48CF-8E71-8FE37457CE1B}" = protocol=6 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |
"{BC19BD40-1D71-43BA-B134-1736BBFA45C2}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{C096CEE5-8801-4957-BC1D-102A95EB1F7F}" = protocol=17 | dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{C15BB5B7-F76F-4BDF-86B9-EBB19EB827BB}" = protocol=6 | dir=in | app=c:\windows\system32\lxdccoms.exe |
"{DB374C32-7AF2-45E0-BDEA-1D6A7EB9C101}" = protocol=17 | dir=in | app=c:\windows\system32\lxdccoms.exe |
"{EB507D65-E324-4F4F-9FE8-052C984416BB}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{F44E5F23-387D-4175-BF1D-C2E6C454AA1D}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FDBD8338-E11C-436B-81F4-84E270AF6329}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"TCP Query User{B4857625-3CD3-4CB8-A8ED-1312A1345AB0}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
"UDP Query User{7AF09ECC-5617-4DB3-89BA-897D40CB0452}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BCCA33-61E7-5FFD-2661-77E4E09F6960}" = CCC Help German
"{080CA2CA-AF4E-402A-B10F-20A82D9DCCFA}" = WISO Haushaltsbuch 2011
"{0E57595A-1716-772F-7D63-F3C103F1F91F}" = Catalyst Control Center Graphics Previews Vista
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}" = Brother MFL-Pro Suite MFC-J6510DW
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{251FA85A-AA1A-40D7-8110-4AA7797CC96C}" = Brother HL-5240
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 29
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2B11BA9C-7F97-4C16-970F-1491FD77969B}_is1" = GutscheinRausch.de - AddOn für Firefox
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{364687E1-D0CC-4B91-B310-6C5ED28C1031}" = Nero 8
"{38BEAE84-C96E-9909-FAB7-09F4965BC1CA}" = ccc-core-static
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F5A53E6-3CBE-44D7-91AD-2E535348484F}" = ccc-Branding
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.0.1.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = Benutzerhandbuch
"{5CF6F512-2B1E-4293-BE5A-358FFE647E94}" = Catalyst Control Center Graphics Full New
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65B2875E-2D94-E907-C0C6-FB9A1FC2160E}" = Catalyst Control Center Graphics Light
"{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}" = Microsoft IntelliPoint 7.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AAC9EC1-79B8-E67C-0A6C-0DA06048A6EF}" = Catalyst Control Center Graphics Full Existing
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85302BFB-5198-CE39-D87E-813BBA60B497}" = Catalyst Control Center Core Implementation
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{975F9216-2EDB-4D81-814D-6D00AC68DC85}" = MP3 Player
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A06F5ACB-AF59-4DC0-B22E-1F6F47FC7004}" = Microsoft Reader Text-to-Speech deutsch
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A945BD16-4774-4A1F-96A7-118BEC004881}" = mCorev32.ism_new
"{AA095606-7801-BB46-894A-8871BCDBACFB}" = ccc-utility
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AFD25854-438C-D36D-6495-4DC03492AFE9}" = Skins
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{BBD04134-8CAB-C8FD-2C1C-D099B3FA8BB8}" = Fiat eco:Drive
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D5EE9880-8165-B586-CC43-C4E8EA577C96}" = Catalyst Control Center Localization German
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F32ED8B1-2442-4B0E-8DEC-3F3BFC1C2B7F}" = mCPlug
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem-Diagnose-Tool
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Assistant zum Anpassen des Dell-Systems
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"3D Garten Designer 9_is1" = DATA BECKER 3D Garten Designer 9
"3DJongg" = 3DJongg
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"AskTBar Uninstall" = Ask Toolbar
"BabylonToolbar" = Babylon toolbar on IE
"BudRedhead" = BudRedhead
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.fiat.convergence.385E4263E7379A5D22A7076E99B02868EFF10711.1" = Fiat eco:Drive
"ESET Online Scanner" = ESET Online Scanner v3
"FormatFactory" = FormatFactory 2.70
"Freeware.de Toolbar" = Freeware.de Toolbar
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotel_is1" = Hotel
"HP-LaserJet 1018" = LaserJet 1018
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Lexmark 1300 Series" = Lexmark 1300 Series
"LucasArts' Der Turm von Babel" = LucasArts' Der Turm von Babel
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Megamind" = Megamind
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"Mozilla Thunderbird 10.0.2 (x86 de)" = Mozilla Thunderbird 10.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NeoBall" = NeoBall
"PercussionStudio3" = PercussionStudio3
"PhotoStitch" = Canon Utilities PhotoStitch
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.6
"Pivot Stickfigure DB Toolbar" = Pivot Stickfigure DB Toolbar
"ProInst" = Intel(R) PROSet/Wireless Software
"Protect Disc License Helper" = Protect Disc License Helper 1.0.118
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Soccerstars" = Soccerstars
"Softonic_Deutsch_FF Toolbar" = Softonic Deutsch FF Toolbar
"SuperSoli" = SuperSoli
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"WISO Haushaltsbuch 2011" = WISO Haushaltsbuch 2011
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21.04.2012 07:41:42 | Computer Name = notebook | Source = Brother BrLog | ID = 1001
Description = WIA BrtWIA: [2012/04/21 13:41:42.807]: [00003144]: Unlinking WIA item
 tree 
 
Error - 21.04.2012 07:41:42 | Computer Name = notebook | Source = Brother BrLog | ID = 1001
Description = WIA BrtWIA: [2012/04/21 13:41:42.807]: [00003144]: Releasing IDrvItemRoot
 interface 
 
Error - 21.04.2012 10:57:24 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
 0x47c6bd1b, fehlerhaftes Modul MSVCR80.dll, Version 8.0.50727.6195, Zeitstempel
 0x4dcddbf3, Ausnahmecode 0xc0000409, Fehleroffset 0x0000bde7,  Prozess-ID 0x9f8,
Anwendungsstartzeit 01cd1fcf08a2051b.
 
Error - 21.04.2012 14:34:00 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
 0x47c6bd1b, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000005, Fehleroffset 0x0c0c0c0c,  Prozess-ID 0x8e8, Anwendungsstartzeit
 01cd1fed3afe6fc9.
 
Error - 24.04.2012 03:22:33 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
 0x47c6bd1b, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000005, Fehleroffset 0x27132713,  Prozess-ID 0x954, Anwendungsstartzeit
 01cd21ead1f19ebe.
 
Error - 24.04.2012 03:28:04 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung spoolsv.exe, Version 6.0.6002.18294, Zeitstempel
 0x4c6a9898, fehlerhaftes Modul lxdccomc.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x45a50aec, Ausnahmecode 0xc0000005, Fehleroffset 0x65064150,  Prozess-ID 0xcc, Anwendungsstartzeit
 01cd21eacabcd51e.
 
Error - 29.04.2012 14:06:39 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
 0x47c6bd1b, fehlerhaftes Modul NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
 0x47c6bd1b, Ausnahmecode 0xc0000005, Fehleroffset 0x000c463c,  Prozess-ID 0x8e8,
Anwendungsstartzeit 01cd2632c8058bb6.
 
Error - 01.05.2012 09:32:57 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
 0x47c6bd1b, fehlerhaftes Modul NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
 0x47c6bd1b, Ausnahmecode 0xc0000005, Fehleroffset 0x000c463c,  Prozess-ID 0x8bc,
Anwendungsstartzeit 01cd279ee28361b0.
 
Error - 01.05.2012 12:42:31 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
 0x47c6bd1b, fehlerhaftes Modul NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
 0x47c6bd1b, Ausnahmecode 0xc0000005, Fehleroffset 0x000c463c,  Prozess-ID 0x940,
Anwendungsstartzeit 01cd27b9629da2c0.
 
Error - 03.05.2012 13:22:44 | Computer Name = notebook | Source = Perflib | ID = 1010
Description =
 
[ System Events ]
Error - 11.05.2012 14:48:05 | Computer Name = notebook | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 11.05.2012 14:48:55 | Computer Name = notebook | Source = DCOM | ID = 10010
Description =
 
Error - 11.05.2012 14:50:50 | Computer Name = notebook | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.2.20 deaktiviert,
da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 11.05.2012 14:50:49 | Computer Name = notebook | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description =
 
Error - 11.05.2012 14:50:49 | Computer Name = notebook | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
 
Error - 11.05.2012 14:50:54 | Computer Name = notebook | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 11.05.2012 14:55:52 | Computer Name = notebook | Source = DCOM | ID = 10010
Description =
 
Error - 12.05.2012 01:53:45 | Computer Name = notebook | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
 
Error - 12.05.2012 01:53:48 | Computer Name = notebook | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 12.05.2012 01:53:48 | Computer Name = notebook | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
 
 
< End of report >

--- --- ---


Best regards
annascott10

cosinus 12.05.2012 20:18

That is only the Extras log; the OTL.txt log would be more important.

annascott10 12.05.2012 21:22

Oh, my apologies, here is the Log.txt:

OTL Logfile:
Code:

OTL logfile created on: 12.05.2012 08:13:29 - Run 1
OTL by OldTimer - Version 3.2.42.3    Folder = C:\Users\christiane\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 63,07% Memory free
4,23 Gb Paging File | 3,46 Gb Available in Paging File | 81,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,96 Gb Total Space | 59,20 Gb Free Space | 43,22% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,83 Gb Free Space | 58,30% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: christiane | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.12 08:09:51 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\christiane\Desktop\OTL.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.08 03:33:34 | 000,021,392 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011.12.08 03:33:26 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.04.20 18:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Programme\ControlCenter4\BrCcUxSys.exe
PRC - [2011.04.20 18:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Programme\ControlCenter4\BrCtrlCntr.exe
PRC - [2011.03.28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2009.11.11 17:20:04 | 001,468,256 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.07 09:39:44 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009.01.08 17:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.03.10 09:58:18 | 000,130,560 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.02.28 18:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.02.22 09:11:02 | 000,120,320 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.01.18 23:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.18 23:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.09.13 14:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007.02.13 01:56:38 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxdccoms.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.14 10:18:21 | 018,019,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\95e261d2660c662aab4306168001f3e7\PresentationFramework.ni.dll
MOD - [2012.04.14 10:18:00 | 011,469,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\2a1d0ebdb3810bb2926aea930567a3ef\PresentationCore.ni.dll
MOD - [2012.04.14 10:17:54 | 013,197,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\bf4d4ad3e86281bc3924d74f4e716322\System.Windows.Forms.ni.dll
MOD - [2012.04.14 10:17:45 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\876000568ee47aa4407f0931161adf59\WindowsBase.ni.dll
MOD - [2012.04.14 10:17:40 | 001,665,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ab9feeb2817859457fc06c4c06f32fe1\System.Drawing.ni.dll
MOD - [2012.04.03 10:52:11 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\45f56e5749f43eeb24b2094fd761a9d3\System.Management.ni.dll
MOD - [2012.04.03 10:50:09 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\b8f323bbcb35543dd68e9dbdd1abe69b\System.Runtime.Remoting.ni.dll
MOD - [2012.04.03 10:49:57 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a6529c9ffc0303d1eee4282d18c7d7f3\System.Xaml.ni.dll
MOD - [2012.03.31 18:32:33 | 000,311,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ef962b32a187e01f68119920fd143b62\PresentationFramework.Classic.ni.dll
MOD - [2012.03.31 18:32:03 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9bf91363906fc418ea34b30d7bf825b9\System.Core.ni.dll
MOD - [2012.03.31 18:32:03 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\da0fc8ce9b2fb592b7d8065481ef5d42\System.Xml.ni.dll
MOD - [2012.03.31 18:31:53 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\26430b84dfd15f788b0e39dce71ef5d1\System.ni.dll
MOD - [2012.03.31 18:31:45 | 014,414,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\fe6b346d83857a3f02bda63332e66642\mscorlib.ni.dll
MOD - [2011.12.28 15:47:44 | 000,115,137 | ---- | M] () -- C:\Users\christiane\AppData\Local\Temp\35a21c59-6cef-4901-a8d6-b682815a126d\CliSecureRT.dll
MOD - [2011.12.08 03:33:34 | 000,021,392 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011.05.28 23:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Programme\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007.03.14 21:54:58 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2012.04.28 21:55:10 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.04.01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2009.04.07 09:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.01.08 17:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.18 23:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.09.13 14:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007.02.13 01:56:38 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdccoms.exe -- (lxdc_device)
SRV - [2006.11.07 14:27:02 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.11.08 17:25:00 | 000,647,242 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.05.12 07:53:28 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F80ADBA7-B532-4072-9E70-AA73E2F41250}\MpKsld8a86adc.sys -- (MpKsld8a86adc)
DRV - [2012.03.20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.10.27 03:25:54 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2011.10.27 03:25:54 | 000,078,136 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2010.02.24 12:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009.11.11 17:20:44 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2009.04.10 21:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009.04.07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2007.09.26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.09.13 14:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007.03.14 22:04:28 | 002,427,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007.03.14 22:04:28 | 002,427,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2006.11.21 04:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006.11.20 21:13:58 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.20 21:13:58 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006.11.20 21:13:56 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006.11.12 01:10:40 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006.11.02 09:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006.10.30 19:42:28 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006.10.05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Programme\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006.08.17 16:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Programme\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=6070328
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/pivotstickfigure/{322D003F-CBD3-476F-BFEB-91CCF64D82DD}
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2736476
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Programme\Pivot Stickfigure DB Toolbar\tbhelper.dll ()
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109958&babsrc=SP_ss&mntrId=466fc1dd0000000000000019d2afcf67
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://www.bigseekpro.com/search/browser/pivotstickfigure/{322D003F-CBD3-476F-BFEB-91CCF64D82DD}?q={searchTerms}
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {8A6C82A1-F6C9-481a-AAE7-C96444C9A754}:5.1.1
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledItems: secureLogin@blueimp.net:0.9.7
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?AF=109958&babsrc=adbartrp&mntrId=466fc1dd0000000000000019d2afcf67&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Program Files\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.28 21:55:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.14 10:03:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.04.29 12:28:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@gutscheinrausch.de: C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\targzzk9.default\extensions\mail@gutscheinrausch.de [2011.11.12 20:44:13 | 000,000,000 | ---D | M]
 
[2011.03.03 12:27:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\christiane\AppData\Roaming\mozilla\Extensions
[2011.03.03 12:27:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\christiane\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.05.03 18:33:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions
[2011.09.12 15:29:40 | 000,000,000 | ---D | M] (Pivot Stickfigure DB Toolbar) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2012.05.01 15:41:48 | 000,000,000 | ---D | M] (Freeware.de Community Toolbar) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}
[2012.04.25 09:29:33 | 000,000,000 | ---D | M] (ST Deutsch FF Community Toolbar) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
[2010.06.04 20:53:16 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2011.11.12 20:44:13 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\mail@gutscheinrausch.de
[2011.09.12 19:39:29 | 000,002,390 | ---- | M] () -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\targzzk9.default\searchplugins\search.xml
[2012.01.04 12:56:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.03.24 20:24:06 | 000,120,021 | ---- | M] () (No name found) -- C:\USERS\CHRISTIANE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TARGZZK9.DEFAULT\EXTENSIONS\{8A6C82A1-F6C9-481A-AAE7-C96444C9A754}.XPI
[2011.10.30 22:13:09 | 000,083,513 | ---- | M] () (No name found) -- C:\USERS\CHRISTIANE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TARGZZK9.DEFAULT\EXTENSIONS\SECURELOGIN@BLUEIMP.NET.XPI
[2012.04.28 21:55:10 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008.02.22 17:24:06 | 000,095,832 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPPDLicenseHelper.dll
[2012.02.29 17:16:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.01 19:57:26 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.02.29 17:16:37 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.29 17:16:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.29 17:16:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.29 17:16:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.29 17:16:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\Pivot Stickfigure DB Toolbar\tbcore3.dll ()
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (Pivot Stickfigure DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\Pivot Stickfigure DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\Toolbar\WebBrowser: (Pivot Stickfigure DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\Pivot Stickfigure DB Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\Toolbar\WebBrowser: (Freeware.de Toolbar) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000..\Run: []  File not found
O4 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74180B9D-4325-4375-B124-6754C804FE10}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF72832B-A5A7-4B75-BA07-02441BA8F9C5}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img30.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img30.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk - C:\Programme\Digital Line Detect\DLG.exe - (Avanquest Software )
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^w98Eject.lnk - C:\Windows\system\w98eject.exe - (Sigmatel)
MsConfig - StartUpFolder: C:^Users^christiane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CCC.lnk - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - (ATI Technologies Inc.)
MsConfig - StartUpFolder: C:^Users^christiane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Corel Photo Downloader - hkey= - key= -  File not found
MsConfig - StartUpReg: DellSupport - hkey= - key= - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
MsConfig - StartUpReg: lxdcamon - hkey= - key= - C:\Program Files\Lexmark 1300 Series\lxdcamon.exe (Lexmark)
MsConfig - StartUpReg: LXDCCATS - hkey= - key= -  File not found
MsConfig - StartUpReg: lxdcmon.exe - hkey= - key= -  File not found
MsConfig - StartUpReg: PCMService - hkey= - key= - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
MsConfig - StartUpReg: SigmatelSysTrayApp - hkey= - key= -  File not found
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {05466845-FF44-4671-92C1-A5FD0F9EEE1C} - Microsoft Reader
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.12 08:09:49 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\christiane\Desktop\OTL.exe
[2012.05.05 14:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.05.05 09:43:59 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2012.05.03 18:36:40 | 000,000,000 | ---D | C] -- C:\Users\christiane\AppData\Roaming\Malwarebytes
[2012.05.03 18:36:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.03 18:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.03 18:36:28 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.03 18:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.01 20:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.05.01 19:50:15 | 000,000,000 | ---D | C] -- C:\Users\christiane\AppData\Local\InstallShare
[2012.05.01 19:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012.05.01 19:02:24 | 000,000,000 | ---D | C] -- C:\Users\christiane\AppData\Local\Babylon
[2012.05.01 19:02:22 | 000,000,000 | ---D | C] -- C:\Users\christiane\AppData\Roaming\Babylon
[2012.05.01 19:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.04.28 21:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.28 21:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.04.21 17:40:00 | 000,000,000 | ---D | C] -- C:\Users\christiane\Pictures\Documents\Nero Home
[2012.04.21 16:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.12 08:09:51 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\christiane\Desktop\OTL.exe
[2012.05.12 07:52:47 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.12 07:52:47 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.12 07:52:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.12 07:52:35 | 2145,849,344 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.11 16:48:12 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{55B7EC2A-7BCD-4545-840D-5D7C2EAA37B6}.job
[2012.05.05 09:44:04 | 000,000,662 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.04 19:50:53 | 000,640,848 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.04 19:50:53 | 000,606,424 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.04 19:50:53 | 000,131,668 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.04 19:50:53 | 000,108,760 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.03 19:06:22 | 000,000,000 | ---- | M] () -- C:\Users\christiane\defogger_reenable
[2012.05.01 19:57:29 | 000,000,474 | ---- | M] () -- C:\user.js
[2012.04.30 09:19:49 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.04.21 17:01:33 | 000,001,024 | ---- | M] () -- C:\Users\christiane\.rnd
[2012.04.21 16:52:28 | 000,002,542 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2012.04.21 16:52:28 | 000,002,422 | ---- | M] () -- C:\Users\Public\Desktop\Nero Home.lnk
[2012.04.21 16:09:29 | 000,000,680 | ---- | M] () -- C:\Users\christiane\AppData\Local\d3d9caps.dat
[2012.04.21 16:09:27 | 000,061,952 | ---- | M] () -- C:\Users\christiane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.03 19:06:22 | 000,000,000 | ---- | C] () -- C:\Users\christiane\defogger_reenable
[2012.05.03 18:36:35 | 000,000,662 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.03 18:31:18 | 000,000,406 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{55B7EC2A-7BCD-4545-840D-5D7C2EAA37B6}.job
[2012.05.01 19:03:23 | 000,000,474 | ---- | C] () -- C:\user.js
[2012.04.30 09:19:47 | 000,001,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.04.21 16:52:28 | 000,002,542 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2012.04.21 16:52:28 | 000,002,422 | ---- | C] () -- C:\Users\Public\Desktop\Nero Home.lnk
[2012.01.12 19:23:45 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.01.12 18:57:26 | 000,002,944 | ---- | C] () -- C:\Windows\BRPARAM.INI
[2012.01.12 18:54:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2011.10.31 12:22:42 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.10.31 12:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.10.31 12:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.10.31 12:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.10.31 12:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.06.23 19:16:06 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011.06.23 19:16:06 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011.04.09 18:10:35 | 000,014,496 | ---- | C] () -- C:\Windows\HL-5240.INI
[2011.01.30 17:31:54 | 000,000,248 | ---- | C] () -- C:\Windows\Brownie.ini
[2011.01.30 17:31:54 | 000,000,145 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2011.01.30 17:31:54 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2011.01.30 17:31:54 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2011.01.30 17:31:40 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.01.30 17:31:40 | 000,000,054 | ---- | C] () -- C:\Windows\System32\bd5240.dat
[2010.06.03 09:17:38 | 000,143,676 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.05.31 21:57:56 | 000,000,046 | ---- | C] () -- C:\Windows\System32\DonationCoder_urlsnooper_InstallInfo.dat
[2010.05.29 14:56:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.05.29 14:55:29 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.05.29 14:55:29 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
 
========== LOP Check ==========
 
[2011.12.05 16:54:41 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Amazon
[2012.05.01 19:02:22 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Babylon
[2011.01.01 12:50:21 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Buhl Data Service GmbH
[2012.01.12 19:35:05 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Canneverbe Limited
[2011.06.23 17:23:08 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\com.fiat.convergence.385E4263E7379A5D22A7076E99B02868EFF10711.1
[2012.01.12 19:04:07 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\ControlCenter4
[2010.05.31 21:57:56 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\DonationCoder
[2010.05.29 20:55:55 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\IrfanView
[2008.04.05 21:23:52 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Lexmark Imaging Studio
[2010.05.29 20:57:21 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\local
[2007.05.12 20:45:55 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\MAGIX
[2011.06.23 19:19:14 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\PC Suite
[2007.03.31 17:52:18 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\PeerNetworking
[2010.11.29 22:36:28 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\ProtectDisc
[2011.12.28 10:55:45 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Samsung
[2008.01.06 12:56:20 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\T-Online
[2011.12.28 22:38:56 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Temp
[2011.03.03 12:27:36 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Thunderbird
[2012.05.11 20:55:54 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.05.11 16:48:12 | 000,000,406 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{55B7EC2A-7BCD-4545-840D-5D7C2EAA37B6}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.01.14 22:36:10 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Adobe
[2007.05.13 15:12:22 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\AdobeUM
[2011.12.05 16:54:41 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Amazon
[2007.03.30 17:34:58 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\ATI
[2012.05.01 19:02:22 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Babylon
[2011.01.30 17:36:47 | 000,000,000 | R--D | M] -- C:\Users\christiane\AppData\Roaming\Brother
[2011.01.01 12:50:21 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Buhl Data Service GmbH
[2012.01.12 19:35:05 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Canneverbe Limited
[2011.06.23 17:23:08 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\com.fiat.convergence.385E4263E7379A5D22A7076E99B02868EFF10711.1
[2012.01.12 19:04:07 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\ControlCenter4
[2010.05.30 12:24:03 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Corel
[2011.02.27 17:36:16 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\CyberLink
[2010.05.31 21:57:56 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\DonationCoder
[2007.03.30 20:18:43 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Google
[2007.03.31 17:22:44 | 000,000,000 | -H-D | M] -- C:\Users\christiane\AppData\Roaming\GTek
[2007.03.30 17:34:05 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Identities
[2012.01.12 18:52:31 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\InstallShield
[2010.06.03 09:44:41 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Intel
[2010.05.29 20:55:55 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\IrfanView
[2008.04.05 21:23:52 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Lexmark Imaging Studio
[2010.05.29 20:57:21 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\local
[2007.03.31 17:23:55 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Macromedia
[2007.05.12 20:45:55 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\MAGIX
[2012.05.03 18:36:40 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Media Center Programs
[2012.01.14 22:36:10 | 000,000,000 | --SD | M] -- C:\Users\christiane\AppData\Roaming\Microsoft
[2010.05.29 21:59:59 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Mozilla
[2011.11.12 20:10:51 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Nero
[2011.06.23 19:19:14 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\PC Suite
[2007.03.31 17:52:18 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\PeerNetworking
[2010.11.29 22:36:28 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\ProtectDisc
[2007.03.30 20:55:37 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Roxio
[2011.12.28 10:55:45 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Samsung
[2008.01.06 12:56:20 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\T-Online
[2011.12.28 22:38:56 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Temp
[2011.03.03 12:27:36 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\Thunderbird
[2010.05.29 20:36:26 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\WinRAR
[2012.04.15 19:43:29 | 000,000,000 | ---D | M] -- C:\Users\christiane\AppData\Roaming\ZoomBrowser EX
 
< %APPDATA%\*.exe /s >
[2008.03.24 19:46:17 | 000,327,437 | ---- | M] () -- C:\Users\christiane\AppData\Roaming\GTek\GTUpdate\AUpdate\Channels\ch_u1\CIP\TransferAgentSetup.exe
[2010.06.03 09:22:51 | 000,010,134 | R--- | M] () -- C:\Users\christiane\AppData\Roaming\Microsoft\Installer\{05BCCA33-61E7-5FFD-2661-77E4E09F6960}\ARPPRODUCTICON.exe
[2010.06.03 09:22:49 | 000,010,134 | R--- | M] () -- C:\Users\christiane\AppData\Roaming\Microsoft\Installer\{0E57595A-1716-772F-7D63-F3C103F1F91F}\ARPPRODUCTICON.exe
[2010.06.03 09:20:04 | 000,010,134 | R--- | M] () -- C:\Users\christiane\AppData\Roaming\Microsoft\Installer\{4F5A53E6-3CBE-44D7-91AD-2E535348484F}\ARPPRODUCTICON.exe
[2010.06.03 09:20:04 | 000,009,158 | R--- | M] () -- C:\Users\christiane\AppData\Roaming\Microsoft\Installer\{4F5A53E6-3CBE-44D7-91AD-2E535348484F}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe
[2010.06.03 09:22:54 | 000,010,134 | R--- | M] () -- C:\Users\christiane\AppData\Roaming\Microsoft\Installer\{D5EE9880-8165-B586-CC43-C4E8EA577C96}\ARPPRODUCTICON.exe
[2012.05.01 20:12:02 | 123,071,328 | ---- | M] () -- C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Templates\setup_11.0.0.1245.x01_2012_03_02_13_06.exe
[2011.11.02 17:51:52 | 000,928,656 | ---- | M] (Samsung) -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2011.11.02 17:51:56 | 000,278,928 | ---- | M] () -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011.11.02 17:51:54 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011.10.31 12:23:28 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ConnectionManager.exe
[2011.10.31 12:23:28 | 000,283,648 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011.10.31 12:23:28 | 000,690,688 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011.11.02 17:51:58 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011.10.31 12:23:12 | 000,106,408 | ---- | M] () -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2011.10.31 12:23:12 | 000,101,288 | ---- | M] () -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2011.11.02 17:52:04 | 000,131,984 | ---- | M] () -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.11.02 17:52:06 | 000,021,392 | ---- | M] () -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.11.02 17:52:08 | 003,571,576 | ---- | M] (Freeware) -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011.11.02 17:52:10 | 000,391,568 | ---- | M] (ml) -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2011.12.08 03:33:38 | 000,392,080 | ---- | M] (ml) -- C:\Users\christiane\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2011.06.23 19:19:13 | 003,707,904 | ---- | M] (Samsung Electronics Co., Ltd.                                ) -- C:\Users\christiane\AppData\Roaming\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007.03.28 05:13:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys
[2007.03.28 05:13:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2007.03.28 05:13:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2007.03.28 05:13:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007.03.28 05:14:23 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2007.03.28 05:14:23 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2007.03.28 05:14:23 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.18 23:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.18 23:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.04.17 18:47:23 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007.04.17 18:47:24 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.18 23:36:48 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.18 23:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.18 23:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.18 23:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.18 21:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.18 21:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\christiane\Desktop\Microsoft Office:Roxio EMC Stream

< End of report >

--- --- ---


Regards,
annascott10

cosinus 12.05.2012 21:41

Run an OTL fix: close any programs that may be open, disable your virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/pivotstickfigure/{322D003F-CBD3-476F-BFEB-91CCF64D82DD}
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2736476
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Programme\Pivot Stickfigure DB Toolbar\tbhelper.dll ()
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109958&babsrc=SP_ss&mntrId=466fc1dd0000000000000019d2afcf67
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/pivotstickfigure/{322D003F-CBD3-476F-BFEB-91CCF64D82DD}?q={searchTerms}
IE - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledItems: secureLogin@blueimp.net:0.9.7
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=109958&babsrc=adbartrp&mntrId=466fc1dd0000000000000019d2afcf67&q="
[2012.05.01 15:41:48 | 000,000,000 | ---D | M] (Freeware.de Community Toolbar) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}
[2012.04.25 09:29:33 | 000,000,000 | ---D | M] (ST Deutsch FF Community Toolbar) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
[2010.06.04 20:53:16 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2011.11.12 20:44:13 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\mail@gutscheinrausch.de
[2011.09.12 19:39:29 | 000,002,390 | ---- | M] () -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\targzzk9.default\searchplugins\search.xml
[2012.05.01 19:57:26 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.05.01 19:57:26 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.02.29 17:16:37 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\Pivot Stickfigure DB Toolbar\tbcore3.dll ()
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (Pivot Stickfigure DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\Pivot Stickfigure DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\Toolbar\WebBrowser: (Pivot Stickfigure DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\Pivot Stickfigure DB Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\Toolbar\WebBrowser: (Freeware.de Toolbar) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKU\S-1-5-21-2351911142-1678405194-1723348831-1000..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
[2012.05.01 19:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012.05.01 19:02:24 | 000,000,000 | ---D | C] -- C:\Users\christiane\AppData\Local\Babylon
[2012.05.01 19:02:22 | 000,000,000 | ---D | C] -- C:\Users\christiane\AppData\Roaming\Babylon
[2012.05.01 19:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon

:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

The entries, files and folders fixed with this script are, to be safe, not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The above script was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

annascott10 13.05.2012 08:15

Hello, here is the log:

Code:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7e111a5c-3d11-4f56-9463-5310c3c69025} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ deleted successfully.
C:\Programme\Freeware.de\prxtbFree.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{9d81af43-de53-48d0-a199-42c2a226b24c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ deleted successfully.
C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2351911142-1678405194-1723348831-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7e111a5c-3d11-4f56-9463-5310c3c69025} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ not found.
File C:\Programme\Freeware.de\prxtbFree.dll not found.
Registry value HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9CB65206-89C4-402c-BA80-02D8C59F9B1D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB65206-89C4-402c-BA80-02D8C59F9B1D}\ deleted successfully.
C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL moved successfully.
Registry value HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9d81af43-de53-48d0-a199-42c2a226b24c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll not found.
Registry value HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ deleted successfully.
C:\Programme\Pivot Stickfigure DB Toolbar\tbhelper.dll moved successfully.
HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
Registry key HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
Prefs.js: secureLogin@blueimp.net:0.9.7 removed from extensions.enabledItems
Prefs.js: "hxxp://search.babylon.com/?AF=109958&babsrc=adbartrp&mntrId=466fc1dd0000000000000019d2afcf67&q=" removed from keyword.URL
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\searchplugin folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\modules folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\META-INF folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\defaults folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\components folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025} folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}\searchplugin folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}\modules folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}\META-INF folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}\defaults folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}\components folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}\chrome folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c} folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\skin\classic\rdr folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\skin\classic folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\skin folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\zh-CN folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\uk-UA folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\pt-BR folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\pl-PL folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\nl-NL folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\ko-KR folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\ja-JP folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\it-IT folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\hu-HU folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\hr-HR folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\fr-FR folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\es-ES folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\en-US folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale\de-DE folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\locale folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\defaults\preferences folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\defaults folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\content\rdr folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}\content folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9} folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\mail@gutscheinrausch.de\chrome\content\skin folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\mail@gutscheinrausch.de\chrome\content folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\mail@gutscheinrausch.de\chrome folder moved successfully.
C:\Users\christiane\AppData\Roaming\mozilla\Firefox\Profiles\targzzk9.default\extensions\mail@gutscheinrausch.de folder moved successfully.
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\targzzk9.default\searchplugins\search.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
File C:\Program Files\mozilla firefox\searchplugins\babylon.xml not found.
C:\Programme\Mozilla Firefox\searchplugins\bing.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ not found.
File C:\Programme\Freeware.de\prxtbFree.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}\ deleted successfully.
File C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9d81af43-de53-48d0-a199-42c2a226b24c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
C:\Programme\BAE\BAE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Programme\Microsoft\BingBar\BingExt.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
C:\Programme\Pivot Stickfigure DB Toolbar\tbcore3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}\ deleted successfully.
C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ deleted successfully.
File C:\Programme\Pivot Stickfigure DB Toolbar\tbcore3.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7e111a5c-3d11-4f56-9463-5310c3c69025} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ not found.
File C:\Programme\Freeware.de\prxtbFree.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
File C:\Program Files\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9d81af43-de53-48d0-a199-42c2a226b24c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found.
File C:\Program Files\Softonic_Deutsch_FF\prxtbSoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{FE063DB9-4EC0-403e-8DD8-394C54984B2C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}\ deleted successfully.
File C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL not found.
Registry value HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found.
File C:\Programme\Pivot Stickfigure DB Toolbar\tbcore3.dll not found.
Registry value HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7E111A5C-3D11-4F56-9463-5310C3C69025} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E111A5C-3D11-4F56-9463-5310C3C69025}\ not found.
File C:\Programme\Freeware.de\prxtbFree.dll not found.
Registry value HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9D81AF43-DE53-48D0-A199-42C2A226B24C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D81AF43-DE53-48D0-A199-42C2A226B24C}\ not found.
File C:\Programme\Softonic_Deutsch_FF\prxtbSoft.dll not found.
Registry value HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ not found.
File C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2351911142-1678405194-1723348831-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh folder moved successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17 folder moved successfully.
C:\Programme\BabylonToolbar\BabylonToolbar folder moved successfully.
C:\Users\christiane\AppData\Local\Babylon\Setup\HtmlScreens folder moved successfully.
C:\Users\christiane\AppData\Local\Babylon\Setup folder moved successfully.
C:\Users\christiane\AppData\Local\Babylon folder moved successfully.
C:\Users\christiane\AppData\Roaming\Babylon folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: christiane
->Temp folder emptied: 426430120 bytes
->Temporary Internet Files folder emptied: 205803118 bytes
->Java cache emptied: 780766 bytes
->FireFox cache emptied: 271310259 bytes
->Flash cache emptied: 14675 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 104221500 bytes
RecycleBin emptied: 9495204667 bytes
 
Total Files Cleaned = 10.017,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: christiane
->Flash cache emptied: 0 bytes
 
User: Default
 
User: Default User
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.42.3 log created on 05132012_090600

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Thanks and best regards,
annascott10

cosinus 13.05.2012 15:43

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set the tool up as shown in the picture below - click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, once it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

annascott10 13.05.2012 19:09

Hello, first of all: many thanks for the help so far...

and here now is the TDSS-Killer report:


Code:

20:00:13.0601 1400        TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
20:00:14.0069 1400        ============================================================
20:00:14.0069 1400        Current date / time: 2012/05/13 20:00:14.0069
20:00:14.0069 1400        SystemInfo:
20:00:14.0069 1400       
20:00:14.0069 1400        OS Version: 6.0.6002 ServicePack: 2.0
20:00:14.0069 1400        Product type: Workstation
20:00:14.0069 1400        ComputerName: NOTEBOOK
20:00:14.0069 1400        UserName: christiane
20:00:14.0069 1400        Windows directory: C:\Windows
20:00:14.0069 1400        System windows directory: C:\Windows
20:00:14.0069 1400        Processor architecture: Intel x86
20:00:14.0069 1400        Number of processors: 2
20:00:14.0069 1400        Page size: 0x1000
20:00:14.0069 1400        Boot type: Normal boot
20:00:14.0069 1400        ============================================================
20:00:14.0568 1400        Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:00:14.0568 1400        ============================================================
20:00:14.0568 1400        \Device\Harddisk0\DR0:
20:00:14.0568 1400        MBR partitions:
20:00:14.0568 1400        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2B800, BlocksNum 0x1400000
20:00:14.0568 1400        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x142B800, BlocksNum 0x111ED800
20:00:14.0599 1400        ============================================================
20:00:14.0662 1400        C: <-> \Device\Harddisk0\DR0\Partition1
20:00:14.0709 1400        D: <-> \Device\Harddisk0\DR0\Partition0
20:00:14.0709 1400        ============================================================
20:00:14.0709 1400        Initialize success
20:00:14.0709 1400        ============================================================
20:01:38.0418 2816        ============================================================
20:01:38.0418 2816        Scan started
20:01:38.0418 2816        Mode: Manual; SigCheck; TDLFS;
20:01:38.0418 2816        ============================================================
20:01:39.0073 2816        acedrv11        (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
20:01:39.0307 2816        acedrv11 - ok
20:01:39.0385 2816        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:01:39.0401 2816        ACPI - ok
20:01:39.0495 2816        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:01:39.0510 2816        AdobeARMservice - ok
20:01:39.0588 2816        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:01:39.0619 2816        adp94xx - ok
20:01:39.0682 2816        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:01:39.0697 2816        adpahci - ok
20:01:39.0744 2816        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:01:39.0760 2816        adpu160m - ok
20:01:39.0791 2816        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:01:39.0807 2816        adpu320 - ok
20:01:39.0869 2816        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
20:01:39.0994 2816        AeLookupSvc - ok
20:01:40.0165 2816        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:01:40.0243 2816        AFD - ok
20:01:40.0306 2816        agp440          (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
20:01:40.0306 2816        agp440 - ok
20:01:40.0399 2816        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:01:40.0415 2816        aic78xx - ok
20:01:40.0462 2816        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
20:01:40.0540 2816        ALG - ok
20:01:40.0571 2816        aliide          (3a99cb23a2d326fd532618705d6e3048) C:\Windows\system32\drivers\aliide.sys
20:01:40.0587 2816        aliide - ok
20:01:40.0602 2816        amdagp          (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
20:01:40.0618 2816        amdagp - ok
20:01:40.0633 2816        amdide          (4333c133dbd71c7d7fe4fb1b83f9ee3e) C:\Windows\system32\drivers\amdide.sys
20:01:40.0633 2816        amdide - ok
20:01:40.0665 2816        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:01:40.0727 2816        AmdK7 - ok
20:01:40.0774 2816        AmdK8          (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
20:01:40.0836 2816        AmdK8 - ok
20:01:40.0883 2816        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
20:01:40.0914 2816        Appinfo - ok
20:01:40.0977 2816        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:01:40.0992 2816        arc - ok
20:01:41.0055 2816        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:01:41.0070 2816        arcsas - ok
20:01:41.0117 2816        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:01:41.0148 2816        AsyncMac - ok
20:01:41.0195 2816        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:01:41.0195 2816        atapi - ok
20:01:41.0351 2816        Ati External Event Utility (c74d9a831b523ef5a66f4f13b2ddea2e) C:\Windows\system32\Ati2evxx.exe
20:01:41.0445 2816        Ati External Event Utility - ok
20:01:41.0741 2816        atikmdag        (184e2b47542badbe5ca606f0fc9a90cc) C:\Windows\system32\DRIVERS\atikmdag.sys
20:01:41.0913 2816        atikmdag - ok
20:01:42.0178 2816        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:01:42.0225 2816        AudioEndpointBuilder - ok
20:01:42.0240 2816        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:01:42.0287 2816        Audiosrv - ok
20:01:42.0427 2816        BBSvc          (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
20:01:42.0459 2816        BBSvc - ok
20:01:42.0583 2816        bcm4sbxp        (cd4646067cc7dcba1907fa0acf7e3966) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
20:01:42.0646 2816        bcm4sbxp - ok
20:01:42.0693 2816        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:01:42.0755 2816        Beep - ok
20:01:42.0895 2816        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
20:01:42.0989 2816        BFE - ok
20:01:43.0114 2816        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
20:01:43.0239 2816        BITS - ok
20:01:43.0239 2816        blbdrive - ok
20:01:43.0301 2816        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:01:43.0348 2816        bowser - ok
20:01:43.0410 2816        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:01:43.0473 2816        BrFiltLo - ok
20:01:43.0519 2816        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:01:43.0582 2816        BrFiltUp - ok
20:01:43.0660 2816        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
20:01:43.0722 2816        Browser - ok
20:01:43.0785 2816        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:01:43.0863 2816        Brserid - ok
20:01:43.0878 2816        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:01:43.0956 2816        BrSerWdm - ok
20:01:43.0972 2816        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:01:44.0019 2816        BrUsbMdm - ok
20:01:44.0034 2816        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:01:44.0112 2816        BrUsbSer - ok
20:01:44.0175 2816        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:01:44.0237 2816        BTHMODEM - ok
20:01:44.0284 2816        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:01:44.0346 2816        cdfs - ok
20:01:44.0424 2816        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:01:44.0518 2816        cdrom - ok
20:01:44.0611 2816        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:01:44.0689 2816        CertPropSvc - ok
20:01:44.0799 2816        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:01:44.0923 2816        circlass - ok
20:01:45.0064 2816        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:01:45.0095 2816        CLFS - ok
20:01:45.0204 2816        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:01:45.0220 2816        clr_optimization_v2.0.50727_32 - ok
20:01:45.0298 2816        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:01:45.0329 2816        clr_optimization_v4.0.30319_32 - ok
20:01:45.0360 2816        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:01:45.0423 2816        CmBatt - ok
20:01:45.0485 2816        cmdide          (dfb94a6fc3a26972b0461ab5f1d8272b) C:\Windows\system32\drivers\cmdide.sys
20:01:45.0501 2816        cmdide - ok
20:01:45.0547 2816        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:01:45.0579 2816        Compbatt - ok
20:01:45.0579 2816        COMSysApp - ok
20:01:45.0610 2816        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:01:45.0625 2816        crcdisk - ok
20:01:45.0657 2816        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:01:45.0766 2816        Crusoe - ok
20:01:45.0875 2816        CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
20:01:45.0953 2816        CryptSvc - ok
20:01:46.0249 2816        DBService      (48297bf3339bc56dd7d7524d7a1740aa) C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe
20:01:46.0265 2816        DBService ( UnsignedFile.Multi.Generic ) - warning
20:01:46.0265 2816        DBService - detected UnsignedFile.Multi.Generic (1)
20:01:46.0374 2816        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:01:46.0483 2816        DcomLaunch - ok
20:01:46.0546 2816        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:01:46.0624 2816        DfsC - ok
20:01:46.0951 2816        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
20:01:47.0248 2816        DFSR - ok
20:01:47.0513 2816        dg_ssudbus      (d8522960163fa593694e441194a9a574) C:\Windows\system32\DRIVERS\ssudbus.sys
20:01:47.0529 2816        dg_ssudbus - ok
20:01:47.0622 2816        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
20:01:47.0700 2816        Dhcp - ok
20:01:47.0747 2816        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:01:47.0778 2816        disk - ok
20:01:47.0934 2816        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
20:01:47.0965 2816        Dnscache - ok
20:01:47.0997 2816        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
20:01:48.0028 2816        dot3svc - ok
20:01:48.0075 2816        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
20:01:48.0153 2816        DPS - ok
20:01:48.0199 2816        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:01:48.0231 2816        drmkaud - ok
20:01:48.0355 2816        DSBrokerService (01d5b95d0a12a916bbdc258629113258) C:\Program Files\DellSupport\brkrsvc.exe
20:01:48.0387 2816        DSBrokerService ( UnsignedFile.Multi.Generic ) - warning
20:01:48.0387 2816        DSBrokerService - detected UnsignedFile.Multi.Generic (1)
20:01:48.0465 2816        DSproct        (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
20:01:48.0496 2816        DSproct ( UnsignedFile.Multi.Generic ) - warning
20:01:48.0496 2816        DSproct - detected UnsignedFile.Multi.Generic (1)
20:01:48.0527 2816        dsunidrv        (64fa28c15dd71a80bef3527e1ef07df6) C:\Program Files\DellSupport\Drivers\dsunidrv.sys
20:01:48.0543 2816        dsunidrv ( UnsignedFile.Multi.Generic ) - warning
20:01:48.0543 2816        dsunidrv - detected UnsignedFile.Multi.Generic (1)
20:01:48.0761 2816        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:01:48.0855 2816        DXGKrnl - ok
20:01:48.0948 2816        e1express      (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys
20:01:49.0073 2816        e1express - ok
20:01:49.0120 2816        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:01:49.0229 2816        E1G60 - ok
20:01:49.0291 2816        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
20:01:49.0338 2816        EapHost - ok
20:01:49.0401 2816        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:01:49.0416 2816        Ecache - ok
20:01:49.0479 2816        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
20:01:49.0525 2816        ehRecvr - ok
20:01:49.0666 2816        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
20:01:49.0713 2816        ehSched - ok
20:01:49.0759 2816        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
20:01:49.0791 2816        ehstart - ok
20:01:49.0900 2816        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:01:49.0931 2816        elxstor - ok
20:01:50.0056 2816        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
20:01:50.0149 2816        EMDMgmt - ok
20:01:50.0227 2816        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
20:01:50.0290 2816        EventSystem - ok
20:01:50.0461 2816        EvtEng          (f10e7aa8bdf4488e3dfa989b8e7f7c9f) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
20:01:50.0524 2816        EvtEng ( UnsignedFile.Multi.Generic ) - warning
20:01:50.0524 2816        EvtEng - detected UnsignedFile.Multi.Generic (1)
20:01:50.0649 2816        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:01:50.0727 2816        exfat - ok
20:01:50.0789 2816        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:01:50.0883 2816        fastfat - ok
20:01:50.0929 2816        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:01:51.0007 2816        fdc - ok
20:01:51.0054 2816        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
20:01:51.0070 2816        fdPHost - ok
20:01:51.0085 2816        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
20:01:51.0179 2816        FDResPub - ok
20:01:51.0226 2816        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:01:51.0241 2816        FileInfo - ok
20:01:51.0273 2816        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:01:51.0304 2816        Filetrace - ok
20:01:51.0335 2816        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:01:51.0397 2816        flpydisk - ok
20:01:51.0429 2816        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:01:51.0444 2816        FltMgr - ok
20:01:51.0585 2816        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
20:01:51.0663 2816        FontCache - ok
20:01:51.0850 2816        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:01:51.0865 2816        FontCache3.0.0.0 - ok
20:01:51.0928 2816        FsUsbExDisk    (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
20:01:51.0959 2816        FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
20:01:51.0959 2816        FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
20:01:52.0037 2816        FsUsbExService  (d3f9205cc4cb07553f2f9472c767ea87) C:\Windows\system32\FsUsbExService.Exe
20:01:52.0053 2816        FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
20:01:52.0053 2816        FsUsbExService - detected UnsignedFile.Multi.Generic (1)
20:01:52.0131 2816        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
20:01:52.0193 2816        Fs_Rec - ok
20:01:52.0255 2816        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:01:52.0271 2816        gagp30kx - ok
20:01:52.0380 2816        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
20:01:52.0474 2816        gpsvc - ok
20:01:52.0614 2816        HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
20:01:52.0677 2816        HdAudAddService - ok
20:01:52.0833 2816        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:01:52.0911 2816        HDAudBus - ok
20:01:52.0989 2816        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:01:53.0082 2816        HidBth - ok
20:01:53.0098 2816        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:01:53.0176 2816        HidIr - ok
20:01:53.0301 2816        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
20:01:53.0347 2816        hidserv - ok
20:01:53.0379 2816        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:01:53.0425 2816        HidUsb - ok
20:01:53.0503 2816        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
20:01:53.0566 2816        hkmsvc - ok
20:01:53.0613 2816        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:01:53.0628 2816        HpCISSs - ok
20:01:53.0753 2816        HSF_DPV        (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:01:53.0893 2816        HSF_DPV - ok
20:01:53.0971 2816        HSXHWAZL        (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:01:54.0018 2816        HSXHWAZL - ok
20:01:54.0159 2816        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:01:54.0268 2816        HTTP - ok
20:01:54.0315 2816        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:01:54.0330 2816        i2omp - ok
20:01:54.0408 2816        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:01:54.0439 2816        i8042prt - ok
20:01:54.0549 2816        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:01:54.0564 2816        iaStorV - ok
20:01:54.0736 2816        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:01:54.0767 2816        IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:01:54.0767 2816        IDriverT - detected UnsignedFile.Multi.Generic (1)
20:01:55.0079 2816        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:01:55.0141 2816        idsvc - ok
20:01:55.0235 2816        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:01:55.0251 2816        iirsp - ok
20:01:55.0329 2816        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
20:01:55.0422 2816        IKEEXT - ok
20:01:55.0516 2816        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
20:01:55.0547 2816        intelide - ok
20:01:55.0547 2816        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:01:55.0594 2816        intelppm - ok
20:01:55.0719 2816        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
20:01:55.0812 2816        IPBusEnum - ok
20:01:55.0890 2816        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:01:55.0937 2816        IpFilterDriver - ok
20:01:55.0999 2816        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
20:01:56.0093 2816        iphlpsvc - ok
20:01:56.0093 2816        IpInIp - ok
20:01:56.0171 2816        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:01:56.0265 2816        IPMIDRV - ok
20:01:56.0405 2816        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:01:56.0483 2816        IPNAT - ok
20:01:56.0545 2816        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:01:56.0608 2816        IRENUM - ok
20:01:56.0639 2816        isapnp          (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
20:01:56.0655 2816        isapnp - ok
20:01:56.0717 2816        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:01:56.0733 2816        iScsiPrt - ok
20:01:56.0811 2816        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:01:56.0826 2816        iteatapi - ok
20:01:56.0857 2816        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:01:56.0857 2816        iteraid - ok
20:01:56.0904 2816        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:01:56.0920 2816        kbdclass - ok
20:01:56.0935 2816        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:01:56.0982 2816        kbdhid - ok
20:01:57.0013 2816        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:01:57.0076 2816        KeyIso - ok
20:01:57.0123 2816        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
20:01:57.0154 2816        KSecDD - ok
20:01:57.0216 2816        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
20:01:57.0294 2816        KtmRm - ok
20:01:57.0341 2816        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
20:01:57.0403 2816        LanmanServer - ok
20:01:57.0466 2816        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
20:01:57.0513 2816        LanmanWorkstation - ok
20:01:57.0575 2816        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:01:57.0637 2816        lltdio - ok
20:01:57.0684 2816        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
20:01:57.0731 2816        lltdsvc - ok
20:01:57.0778 2816        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
20:01:57.0871 2816        lmhosts - ok
20:01:58.0012 2816        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:01:58.0027 2816        LSI_FC - ok
20:01:58.0043 2816        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:01:58.0059 2816        LSI_SAS - ok
20:01:58.0121 2816        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:01:58.0137 2816        LSI_SCSI - ok
20:01:58.0168 2816        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:01:58.0215 2816        luafv - ok
20:01:58.0230 2816        lxdc_device - ok
20:01:58.0308 2816        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
20:01:58.0355 2816        Mcx2Svc - ok
20:01:58.0386 2816        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:01:58.0433 2816        mdmxsdk - ok
20:01:58.0449 2816        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:01:58.0464 2816        megasas - ok
20:01:58.0527 2816        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:01:58.0573 2816        MMCSS - ok
20:01:58.0605 2816        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:01:58.0636 2816        Modem - ok
20:01:58.0651 2816        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:01:58.0698 2816        monitor - ok
20:01:58.0745 2816        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:01:58.0761 2816        mouclass - ok
20:01:58.0792 2816        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:01:58.0839 2816        mouhid - ok
20:01:58.0870 2816        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:01:58.0885 2816        MountMgr - ok
20:01:58.0979 2816        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:01:58.0995 2816        MozillaMaintenance - ok
20:01:59.0073 2816        MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
20:01:59.0104 2816        MpFilter - ok
20:01:59.0182 2816        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:01:59.0197 2816        mpio - ok
20:01:59.0447 2816        MpKslb963e87b  (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AB8369A-A122-47DF-8C58-1A616094F8C6}\MpKslb963e87b.sys
20:01:59.0463 2816        MpKslb963e87b - ok
20:01:59.0634 2816        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:01:59.0681 2816        mpsdrv - ok
20:01:59.0790 2816        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
20:01:59.0853 2816        MpsSvc - ok
20:01:59.0931 2816        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:01:59.0946 2816        Mraid35x - ok
20:01:59.0977 2816        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:02:00.0024 2816        MRxDAV - ok
20:02:00.0087 2816        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:02:00.0165 2816        mrxsmb - ok
20:02:00.0227 2816        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:02:00.0274 2816        mrxsmb10 - ok
20:02:00.0289 2816        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:02:00.0305 2816        mrxsmb20 - ok
20:02:00.0367 2816        msahci          (f0ec3a4e0693a34b148723b4da31668c) C:\Windows\system32\drivers\msahci.sys
20:02:00.0383 2816        msahci - ok
20:02:00.0414 2816        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:02:00.0445 2816        msdsm - ok
20:02:00.0555 2816        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
20:02:00.0617 2816        MSDTC - ok
20:02:00.0648 2816        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:02:00.0711 2816        Msfs - ok
20:02:00.0789 2816        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:02:00.0804 2816        msisadrv - ok
20:02:00.0835 2816        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
20:02:00.0882 2816        MSiSCSI - ok
20:02:00.0882 2816        msiserver - ok
20:02:00.0929 2816        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:02:00.0991 2816        MSKSSRV - ok
20:02:01.0116 2816        MsMpSvc        (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:02:01.0132 2816        MsMpSvc - ok
20:02:01.0163 2816        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:02:01.0225 2816        MSPCLOCK - ok
20:02:01.0241 2816        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:02:01.0335 2816        MSPQM - ok
20:02:01.0397 2816        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:02:01.0428 2816        MsRPC - ok
20:02:01.0459 2816        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:02:01.0475 2816        mssmbios - ok
20:02:01.0522 2816        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:02:01.0584 2816        MSTEE - ok
20:02:01.0584 2816        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:02:01.0615 2816        Mup - ok
20:02:01.0678 2816        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
20:02:01.0756 2816        napagent - ok
20:02:01.0787 2816        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:02:01.0849 2816        NativeWifiP - ok
20:02:01.0943 2816        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:02:02.0037 2816        NDIS - ok
20:02:02.0083 2816        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:02:02.0115 2816        NdisTapi - ok
20:02:02.0130 2816        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:02:02.0208 2816        Ndisuio - ok
20:02:02.0286 2816        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:02:02.0333 2816        NdisWan - ok
20:02:02.0364 2816        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:02:02.0442 2816        NDProxy - ok
20:02:02.0848 2816        Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
20:02:02.0926 2816        Nero BackItUp Scheduler 3 - ok
20:02:02.0973 2816        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:02:03.0051 2816        NetBIOS - ok
20:02:03.0113 2816        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:02:03.0160 2816        netbt - ok
20:02:03.0191 2816        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:02:03.0222 2816        Netlogon - ok
20:02:03.0363 2816        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
20:02:03.0425 2816        Netman - ok
20:02:03.0503 2816        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
20:02:03.0581 2816        netprofm - ok
20:02:03.0893 2816        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:02:03.0909 2816        NetTcpPortSharing - ok
20:02:04.0283 2816        NETw3v32        (acc6170d80c69e50145b370023b64ed3) C:\Windows\system32\DRIVERS\NETw3v32.sys
20:02:04.0439 2816        NETw3v32 - ok
20:02:04.0938 2816        NETw4v32        (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
20:02:05.0110 2816        NETw4v32 - ok
20:02:05.0297 2816        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:02:05.0313 2816        nfrd960 - ok
20:02:05.0391 2816        NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:02:05.0406 2816        NisDrv - ok
20:02:05.0515 2816        NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
20:02:05.0531 2816        NisSrv - ok
20:02:05.0593 2816        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
20:02:05.0656 2816        NlaSvc - ok
20:02:05.0937 2816        NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
20:02:06.0015 2816        NMIndexingService - ok
20:02:06.0077 2816        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:02:06.0155 2816        Npfs - ok
20:02:06.0186 2816        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
20:02:06.0249 2816        nsi - ok
20:02:06.0264 2816        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:02:06.0311 2816        nsiproxy - ok
20:02:06.0529 2816        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:02:06.0623 2816        Ntfs - ok
20:02:06.0701 2816        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:02:06.0748 2816        ntrigdigi - ok
20:02:06.0810 2816        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:02:06.0841 2816        Null - ok
20:02:06.0935 2816        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:02:06.0951 2816        nvraid - ok
20:02:06.0966 2816        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:02:06.0982 2816        nvstor - ok
20:02:07.0044 2816        nv_agp          (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
20:02:07.0060 2816        nv_agp - ok
20:02:07.0060 2816        NwlnkFlt - ok
20:02:07.0075 2816        NwlnkFwd - ok
20:02:07.0294 2816        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:02:07.0325 2816        odserv - ok
20:02:07.0387 2816        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:02:07.0434 2816        ohci1394 - ok
20:02:07.0512 2816        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:02:07.0528 2816        ose - ok
20:02:07.0606 2816        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:02:07.0746 2816        p2pimsvc - ok
20:02:07.0762 2816        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:02:07.0840 2816        p2psvc - ok
20:02:07.0902 2816        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:02:07.0996 2816        Parport - ok
20:02:08.0058 2816        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:02:08.0074 2816        partmgr - ok
20:02:08.0105 2816        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:02:08.0199 2816        Parvdm - ok
20:02:08.0230 2816        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
20:02:08.0292 2816        PcaSvc - ok
20:02:08.0386 2816        pccsmcfd        (175cc28dcf819f78caa3fbd44ad9e52a) C:\Windows\system32\DRIVERS\pccsmcfd.sys
20:02:08.0448 2816        pccsmcfd - ok
20:02:08.0511 2816        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:02:08.0542 2816        pci - ok
20:02:08.0557 2816        pciide          (20b869152448f80ac49cf10264e91f5e) C:\Windows\system32\DRIVERS\pciide.sys
20:02:08.0573 2816        pciide - ok
20:02:08.0604 2816        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:02:08.0620 2816        pcmcia - ok
20:02:08.0745 2816        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:02:08.0838 2816        PEAUTH - ok
20:02:09.0119 2816        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
20:02:09.0228 2816        pla - ok
20:02:09.0447 2816        PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
20:02:09.0493 2816        PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
20:02:09.0493 2816        PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
20:02:09.0556 2816        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
20:02:09.0603 2816        PlugPlay - ok
20:02:09.0727 2816        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:02:09.0790 2816        PNRPAutoReg - ok
20:02:09.0805 2816        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:02:09.0868 2816        PNRPsvc - ok
20:02:09.0961 2816        Point32        (04df0452fbededf9297fd2e5440cb3c9) C:\Windows\system32\DRIVERS\point32k.sys
20:02:09.0977 2816        Point32 - ok
20:02:10.0117 2816        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
20:02:10.0211 2816        PolicyAgent - ok
20:02:10.0305 2816        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:02:10.0383 2816        PptpMiniport - ok
20:02:10.0507 2816        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:02:10.0585 2816        Processor - ok
20:02:10.0679 2816        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
20:02:10.0741 2816        ProfSvc - ok
20:02:10.0804 2816        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:02:10.0835 2816        ProtectedStorage - ok
20:02:10.0882 2816        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:02:10.0929 2816        PSched - ok
20:02:11.0163 2816        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:02:11.0287 2816        ql2300 - ok
20:02:11.0365 2816        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:02:11.0397 2816        ql40xx - ok
20:02:11.0475 2816        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
20:02:11.0537 2816        QWAVE - ok
20:02:11.0631 2816        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:02:11.0693 2816        QWAVEdrv - ok
20:02:12.0005 2816        R300            (184e2b47542badbe5ca606f0fc9a90cc) C:\Windows\system32\DRIVERS\atikmdag.sys
20:02:12.0114 2816        R300 - ok
20:02:12.0348 2816        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:02:12.0395 2816        RasAcd - ok
20:02:12.0426 2816        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
20:02:12.0504 2816        RasAuto - ok
20:02:12.0567 2816        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:02:12.0629 2816        Rasl2tp - ok
20:02:12.0707 2816        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
20:02:12.0738 2816        RasMan - ok
20:02:12.0894 2816        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:02:12.0910 2816        RasPppoe - ok
20:02:12.0925 2816        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:02:12.0941 2816        RasSstp - ok
20:02:12.0972 2816        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:02:13.0003 2816        rdbss - ok
20:02:13.0113 2816        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:02:13.0175 2816        RDPCDD - ok
20:02:13.0269 2816        rdpdr          (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
20:02:13.0300 2816        rdpdr - ok
20:02:13.0331 2816        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:02:13.0393 2816        RDPENCDD - ok
20:02:13.0456 2816        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
20:02:13.0487 2816        RDPWD - ok
20:02:13.0752 2816        RegSrvc        (7274bd434b6165baa382bdd87f6ca4ce) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
20:02:13.0799 2816        RegSrvc ( UnsignedFile.Multi.Generic ) - warning
20:02:13.0799 2816        RegSrvc - detected UnsignedFile.Multi.Generic (1)
20:02:13.0861 2816        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
20:02:13.0955 2816        RemoteAccess - ok
20:02:14.0017 2816        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
20:02:14.0049 2816        RemoteRegistry - ok
20:02:14.0080 2816        rimmptsk        (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:02:14.0095 2816        rimmptsk - ok
20:02:14.0127 2816        rimsptsk        (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:02:14.0189 2816        rimsptsk - ok
20:02:14.0220 2816        rismxdp        (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:02:14.0314 2816        rismxdp - ok
20:02:14.0345 2816        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
20:02:14.0376 2816        RpcLocator - ok
20:02:14.0485 2816        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:02:14.0579 2816        RpcSs - ok
20:02:14.0641 2816        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:02:14.0719 2816        rspndr - ok
20:02:14.0797 2816        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:02:14.0844 2816        SamSs - ok
20:02:14.0938 2816        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:02:14.0969 2816        sbp2port - ok
20:02:15.0031 2816        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
20:02:15.0094 2816        SCardSvr - ok
20:02:15.0203 2816        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
20:02:15.0312 2816        Schedule - ok
20:02:15.0406 2816        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:02:15.0437 2816        SCPolicySvc - ok
20:02:15.0499 2816        sdbus          (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
20:02:15.0546 2816        sdbus - ok
20:02:15.0702 2816        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
20:02:15.0749 2816        SDRSVC - ok
20:02:15.0967 2816        SeaPort        (78779ee07231c658b483b1f38b5088df) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
20:02:15.0999 2816        SeaPort - ok
20:02:16.0030 2816        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:02:16.0108 2816        secdrv - ok
20:02:16.0139 2816        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
20:02:16.0201 2816        seclogon - ok
20:02:16.0342 2816        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
20:02:16.0404 2816        SENS - ok
20:02:16.0404 2816        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:02:16.0467 2816        Serenum - ok
20:02:16.0513 2816        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:02:16.0576 2816        Serial - ok
20:02:16.0654 2816        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:02:16.0669 2816        sermouse - ok
20:02:16.0794 2816        ServiceLayer    (9d38320bb32230349379df5ddbbf7fce) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:02:16.0872 2816        ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
20:02:16.0872 2816        ServiceLayer - detected UnsignedFile.Multi.Generic (1)
20:02:16.0919 2816        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
20:02:16.0981 2816        SessionEnv - ok
20:02:17.0059 2816        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
20:02:17.0106 2816        sffdisk - ok
20:02:17.0169 2816        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
20:02:17.0262 2816        sffp_mmc - ok
20:02:17.0309 2816        sffp_sd        (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:02:17.0340 2816        sffp_sd - ok
20:02:17.0340 2816        sfloppy        (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
20:02:17.0418 2816        sfloppy - ok
20:02:17.0481 2816        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
20:02:17.0512 2816        SharedAccess - ok
20:02:17.0621 2816        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
20:02:17.0652 2816        ShellHWDetection - ok
20:02:17.0683 2816        sisagp          (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
20:02:17.0699 2816        sisagp - ok
20:02:17.0715 2816        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
20:02:17.0730 2816        SiSRaid2 - ok
20:02:17.0746 2816        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:02:17.0761 2816        SiSRaid4 - ok
20:02:18.0183 2816        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
20:02:18.0573 2816        slsvc - ok
20:02:18.0947 2816        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
20:02:19.0025 2816        SLUINotify - ok
20:02:19.0072 2816        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:02:19.0134 2816        Smb - ok
20:02:19.0197 2816        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
20:02:19.0228 2816        SNMPTRAP - ok
20:02:19.0259 2816        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:02:19.0290 2816        spldr - ok
20:02:19.0415 2816        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
20:02:19.0446 2816        Spooler - ok
20:02:19.0524 2816        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:02:19.0571 2816        srv - ok
20:02:19.0633 2816        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:02:19.0680 2816        srv2 - ok
20:02:19.0711 2816        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:02:19.0758 2816        srvnet - ok
20:02:19.0789 2816        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
20:02:19.0883 2816        SSDPSRV - ok
20:02:19.0945 2816        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
20:02:19.0992 2816        SstpSvc - ok
20:02:20.0055 2816        ssudmdm        (1b4052f016ba5e087689aba536a0a927) C:\Windows\system32\DRIVERS\ssudmdm.sys
20:02:20.0070 2816        ssudmdm - ok
20:02:20.0133 2816        STacSV          (7e6dd4b34acd36af6c711d2bde91b040) C:\Windows\system32\STacSV.exe
20:02:20.0195 2816        STacSV - ok
20:02:20.0257 2816        STHDA          (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
20:02:20.0320 2816        STHDA - ok
20:02:20.0367 2816        StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
20:02:20.0429 2816        StillCam - ok
20:02:20.0554 2816        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
20:02:20.0616 2816        stisvc - ok
20:02:20.0694 2816        stllssvr - ok
20:02:20.0741 2816        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:02:20.0772 2816        swenum - ok
20:02:20.0850 2816        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
20:02:20.0928 2816        swprv - ok
20:02:21.0037 2816        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:02:21.0053 2816        Symc8xx - ok
20:02:21.0084 2816        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:02:21.0100 2816        Sym_hi - ok
20:02:21.0131 2816        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:02:21.0147 2816        Sym_u3 - ok
20:02:21.0193 2816        SynTP          (1f5192248a364d4ab68db063d18a2139) C:\Windows\system32\DRIVERS\SynTP.sys
20:02:21.0225 2816        SynTP - ok
20:02:21.0287 2816        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
20:02:21.0365 2816        SysMain - ok
20:02:21.0412 2816        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
20:02:21.0443 2816        TabletInputService - ok
20:02:21.0615 2816        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
20:02:21.0677 2816        TapiSrv - ok
20:02:21.0739 2816        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
20:02:21.0786 2816        TBS - ok
20:02:21.0958 2816        Tcpip          (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
20:02:22.0051 2816        Tcpip - ok
20:02:22.0067 2816        Tcpip6          (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
20:02:22.0176 2816        Tcpip6 - ok
20:02:22.0223 2816        tcpipreg        (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
20:02:22.0285 2816        tcpipreg - ok
20:02:22.0410 2816        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:02:22.0457 2816        TDPIPE - ok
20:02:22.0504 2816        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:02:22.0551 2816        TDTCP - ok
20:02:22.0597 2816        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:02:22.0629 2816        tdx - ok
20:02:22.0707 2816        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:02:22.0722 2816        TermDD - ok
20:02:22.0800 2816        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
20:02:22.0894 2816        TermService - ok
20:02:22.0956 2816        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
20:02:22.0987 2816        Themes - ok
20:02:23.0019 2816        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:02:23.0065 2816        THREADORDER - ok
20:02:23.0190 2816        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
20:02:23.0268 2816        TrkWks - ok
20:02:23.0346 2816        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
20:02:23.0409 2816        TrustedInstaller - ok
20:02:23.0440 2816        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:02:23.0487 2816        tssecsrv - ok
20:02:23.0518 2816        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:02:23.0565 2816        tunmp - ok
20:02:23.0627 2816        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:02:23.0643 2816        tunnel - ok
20:02:23.0689 2816        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:02:23.0721 2816        uagp35 - ok
20:02:23.0814 2816        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:02:23.0861 2816        udfs - ok
20:02:23.0986 2816        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
20:02:24.0017 2816        UI0Detect - ok
20:02:24.0033 2816        uliagpkx        (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
20:02:24.0048 2816        uliagpkx - ok
20:02:24.0079 2816        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:02:24.0111 2816        uliahci - ok
20:02:24.0126 2816        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:02:24.0142 2816        UlSata - ok
20:02:24.0204 2816        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:02:24.0220 2816        ulsata2 - ok
20:02:24.0251 2816        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:02:24.0282 2816        umbus - ok
20:02:24.0345 2816        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
20:02:24.0423 2816        upnphost - ok
20:02:24.0657 2816        UPnPService    (2f791a77655e6f61a21482f200c3864d) C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
20:02:24.0719 2816        UPnPService ( UnsignedFile.Multi.Generic ) - warning
20:02:24.0719 2816        UPnPService - detected UnsignedFile.Multi.Generic (1)
20:02:24.0813 2816        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:02:24.0844 2816        usbccgp - ok
20:02:24.0922 2816        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:02:25.0031 2816        usbcir - ok
20:02:25.0062 2816        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:02:25.0093 2816        usbehci - ok
20:02:25.0156 2816        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:02:25.0218 2816        usbhub - ok
20:02:25.0249 2816        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:02:25.0374 2816        usbohci - ok
20:02:25.0437 2816        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:02:25.0483 2816        usbprint - ok
20:02:33.0143 2816        ============================================================
20:02:33.0143 2816        Scan finished
20:02:33.0143 2816        ============================================================
20:02:33.0159 1680        Detected object count: 12
20:02:33.0159 1680        Actual detected object count: 12
20:04:16.0181 1680        DBService ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0181 1680        DBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0181 1680        DSBrokerService ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0181 1680        DSBrokerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0197 1680        DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0197 1680        DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0197 1680        dsunidrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0197 1680        dsunidrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0197 1680        EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0197 1680        EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0197 1680        FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0197 1680        FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0197 1680        FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0197 1680        FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0197 1680        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0197 1680        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0212 1680        PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0212 1680        PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0212 1680        RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0212 1680        RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0212 1680        ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0212 1680        ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:16.0212 1680        UPnPService ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:16.0212 1680        UPnPService ( UnsignedFile.Multi.Generic ) - User select action: Skip

Best regards,
annascott10

