Trojaner-Board

robee 10.06.2012 13:01

Google results, redirection to wrong pages

Hi everyone, I have a real problem with my computer. According to Malwarebytes and Kaspersky my computer is not infected, but with Google results I am regularly redirected to other pages. Can you help me, please?

Here is my OTL log:
Code:

OTL logfile created on: 10.06.12 13:33:48 - Run 1
OTL by OldTimer - Version 3.2.48.0    Folder = C:\Dokumente und Einstellungen\******\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yy
 
3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,70% Memory free
4,84 Gb Paging File | 3,95 Gb Available in Paging File | 81,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 11,80 Gb Free Space | 24,17% Space Free | Partition Type: NTFS
Drive D: | 100,22 Gb Total Space | 28,19 Gb Free Space | 28,13% Space Free | Partition Type: NTFS
 
Computer Name: MG-107315 | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.10 13:16:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******\Desktop\OTL.exe
PRC - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011.08.04 14:44:24 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011.08.04 14:41:44 | 001,637,496 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011.07.25 11:10:34 | 000,468,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2011.07.19 05:53:07 | 002,567,272 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2011.03.08 13:21:18 | 000,138,168 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ZOOM\TpScrex.exe
PRC - [2011.03.08 13:20:58 | 000,267,624 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2010.12.03 10:57:38 | 000,099,328 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe
PRC - [2010.12.02 12:55:54 | 000,064,440 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2010.11.29 16:32:44 | 000,069,560 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2010.04.01 14:50:44 | 000,043,960 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe
PRC - [2009.12.15 12:20:48 | 000,081,920 | R--- | M] (Microsoft) -- C:\Programme\Pc Camera\3288.exe
PRC - [2009.07.23 03:11:00 | 000,124,248 | ---- | M] (Lenovo Group Limited) -- C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE
PRC - [2009.05.15 17:29:38 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\System Update\SUService.exe
PRC - [2008.08.25 13:01:05 | 000,211,568 | ---- | M] (Kaspersky Lab) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe
PRC - [2008.08.05 11:35:22 | 000,520,192 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
PRC - [2008.06.26 10:25:07 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe
PRC - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
PRC - [2008.02.19 13:05:08 | 000,842,304 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Client Security Solution\password_manager.exe
PRC - [2008.01.09 12:32:08 | 000,789,008 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2008.01.09 12:28:58 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2007.11.29 17:56:34 | 000,722,232 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007.11.26 15:58:10 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe
PRC - [2007.11.26 15:58:08 | 000,264,800 | ---- | M] (Broadcom Corporation.) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2007.08.11 01:30:40 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2007.03.09 18:12:14 | 000,091,265 | ---- | M] (Kaspersky Lab) -- C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe
PRC - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006.06.29 21:57:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe
PRC - [2004.06.08 09:41:14 | 000,282,624 | ---- | M] (iPass Inc) -- C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe
PRC - [2004.05.17 13:27:28 | 000,032,859 | ---- | M] (Novell, Inc.) -- C:\WINDOWS\system32\dpmw32.exe
PRC - [2003.10.24 06:37:56 | 000,217,194 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2002.03.12 09:37:28 | 000,028,672 | ---- | M] (Novell, Inc.) -- C:\WINDOWS\system32\nwtray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.21 09:14:15 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8dc4a28c456f81ee7399da21bd9d55aa\System.ServiceProcess.ni.dll
MOD - [2012.05.20 23:03:38 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.20 23:01:54 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.20 23:01:43 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2009.01.14 17:37:00 | 001,486,848 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2009.01.14 17:37:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008.08.05 11:35:22 | 000,520,192 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
MOD - [2008.08.05 11:33:28 | 000,073,728 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\K2NPROXY.dll
MOD - [2008.06.26 10:25:07 | 000,048,640 | ---- | M] () -- C:\WINDOWS\mmfs.dll
MOD - [2008.06.26 10:25:07 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.01.11 01:30:00 | 000,073,728 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWRMGRIF.DLL
MOD - [2008.01.11 01:30:00 | 000,049,152 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL
MOD - [2007.11.26 15:56:04 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2006.06.29 21:57:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe
MOD - [2006.05.24 14:12:44 | 000,245,843 | ---- | M] () -- C:\WINDOWS\system32\nwshlxnt.dll
MOD - [2005.01.13 08:50:00 | 000,121,660 | ---- | M] () -- C:\WINDOWS\system32\nls\DEUTSCH\nwshlxnr.dll
MOD - [2004.06.15 15:33:10 | 000,651,264 | ---- | M] () -- C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\libeay32.dll
MOD - [2003.05.15 03:15:50 | 000,753,664 | ---- | M] () -- C:\Programme\Adobe\Acrobat 6.0\Distillr\AdistRes.DEU
MOD - [2001.07.31 02:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\zxjaux.dll -- (jsenujoft)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\zxjaux.dll -- (bxlst)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\zxjaux.dll -- (bpsyorcy)
SRV - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.12.03 10:57:38 | 000,099,328 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV - [2010.12.02 12:55:54 | 000,064,440 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2010.11.24 16:34:24 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2009.05.15 17:29:38 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008.08.25 13:01:05 | 000,211,568 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe -- (AVP)
SRV - [2008.06.26 10:25:07 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Runservice.exe -- (LicCtrlService)
SRV - [2008.05.05 10:58:22 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2008.01.09 12:30:08 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007.11.29 17:56:34 | 000,722,232 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007.11.26 15:58:08 | 000,264,800 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2007.03.09 18:12:14 | 000,091,265 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe -- (klnagent)
SRV - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006.08.11 14:51:04 | 000,028,672 | ---- | M] (Novell, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\cusrvc.exe -- (cusrvc)
SRV - [2006.06.29 21:57:50 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2011.10.18 02:43:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2011.10.18 02:43:42 | 000,078,136 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2010.09.07 14:09:06 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2010.03.02 07:45:36 | 000,030,976 | R--- | M] (usb camera) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbcamcl.sys -- (usbcamcl)
DRV - [2009.04.08 08:24:28 | 000,187,168 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klif.sys -- (TSP)
DRV - [2009.04.08 08:24:28 | 000,187,168 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009.01.19 20:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2008.05.30 15:13:26 | 000,027,704 | ---- | M] (Canopus Co,. Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrblock.sys -- (cdrblock)
DRV - [2008.05.29 08:54:29 | 000,112,144 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2008.05.05 13:59:21 | 000,008,256 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2008.04.30 16:43:04 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2008.01.11 01:30:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2007.11.29 02:17:56 | 000,036,368 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.11.29 02:17:48 | 000,035,088 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007.11.27 15:40:00 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.11.27 15:40:00 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.11.26 23:37:00 | 002,236,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007.11.21 10:51:00 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.11.01 16:26:36 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007.11.01 16:25:32 | 000,211,456 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007.11.01 16:25:22 | 000,731,520 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007.08.14 15:46:36 | 000,010,896 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys -- (smihlp) SMI Helper Driver (smihlp)
DRV - [2007.06.29 11:38:00 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.05.22 14:59:38 | 000,030,336 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2007.04.13 08:50:42 | 000,090,888 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrsce.sys -- (zebrsce)
DRV - [2007.04.13 08:50:38 | 000,108,424 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdmc.sys -- (zebrmdmc) Sony Ericsson mRouter Port (WDM)
DRV - [2007.04.13 08:50:38 | 000,108,296 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdm.sys -- (zebrmdm) Sony Ericsson Port (WDM)
DRV - [2007.04.13 08:50:36 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdfl.sys -- (zebrmdfl)
DRV - [2007.04.13 08:50:30 | 000,083,080 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrbus.sys -- (zebrbus)
DRV - [2007.04.13 08:50:30 | 000,062,984 | R--- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\zebrceb.sys -- (zebrceb) Sony Ericsson Cable Emulation Bus (WDM)
DRV - [2007.04.04 14:58:26 | 000,024,344 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2007.03.31 12:02:00 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.03.21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.02.24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.22 11:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006.11.09 09:38:22 | 000,506,159 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\nwfs.sys -- (NetwareWorkstation)
DRV - [2006.09.25 11:44:52 | 000,043,280 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwdns.sys -- (NWDNS)
DRV - [2006.09.25 08:54:54 | 000,160,209 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\srvloc.sys -- (SRVLOC)
DRV - [2006.03.03 16:50:48 | 000,038,416 | ---- | M] (Novell, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nicm.sys -- (NICM)
DRV - [2005.11.22 09:51:22 | 000,018,353 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\nwdhcp.sys -- (NWDHCP)
DRV - [2005.10.27 15:15:14 | 000,039,731 | ---- | M] (Novell, Inc.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\NetWare\nwsipx32.sys -- (NWSIPX32)
DRV - [2005.10.12 12:12:18 | 000,009,297 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwhost.sys -- (NWHOST)
DRV - [2005.10.12 12:11:32 | 000,006,128 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwsns.sys -- (NWSNS)
DRV - [2005.05.26 17:14:00 | 000,015,891 | ---- | M] (Novell, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\NetWare\nwfilter.sys -- (NWFILTER)
DRV - [2005.01.28 15:36:00 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.01.03 13:51:38 | 000,020,332 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwslp.sys -- (NWSLP)
DRV - [2004.06.01 17:19:34 | 000,027,249 | ---- | M] (Novell, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\NetWare\resmgr.sys -- (RESMGR)
DRV - [2004.03.10 16:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2003.02.26 13:51:18 | 000,023,232 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\NetWare\nwsap.sys -- (NWSAP)
DRV - [2002.03.19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ds-technologie.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 51 BA 3B 0B 7C CA 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6221EBD2-4870-4CC4-9778-E6576CED9E43}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIH_deDE274
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = mg-proxy:8080
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..network.proxy.backup.ftp: "mg-proxy"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "mg-proxy"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "mg-proxy"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "mg-proxy"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "mg-proxy"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "mg-proxy"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "mg-proxy"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: ""
FF - prefs.js..network.proxy.socks: "mg-proxy"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "mg-proxy"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: ""
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.19 11:10:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.03.19 11:10:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Programme\Lenovo\Client Security Solution\PWM Firefox Extension [2008.05.07 16:08:41 | 000,000,000 | ---D | M]
 
[2009.04.16 13:11:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Extensions
[2008.05.28 21:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.05.08 09:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions
[2011.06.29 10:18:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.19 11:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.07 09:31:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.24 00:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Programme\mozilla firefox\plugins\npdjvu.dll
[2003.09.04 14:37:44 | 000,892,928 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\NPSWF32.dll
[2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  File not found
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} -  File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -  File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -  File not found
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -  File not found
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -  File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  File not found
O4 - HKLM..\Run: [3288] C:\Programme\Pc Camera\3288.exe (Microsoft)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [iPCCheck] C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LPMailChecker] C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NexusServer] C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PSQLLauncher] C:\Programme\ThinkVantage Fingerprint Software\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKCU..\Run: [iecfgRpl] rundll32.exe "C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\iecfgRpl\SecurityMapServ.dll", appMapTrust msWebnt5 File not found
O4 - HKCU..\Run: [SkypePM] C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Skype\SkypePM.exe File not found
O4 - HKCU..\Run: [TomTomHOME.exe] "C:\Programme\TomTom HOME 2\HOMERunner.exe" File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save page in SuperOffice - C:\Programme\SuperOffice\SoIeExtensions.dll (SuperOffice AS)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Programme\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: SuperOror - {CC88D81F-6166-4F46-AC89-B75CD9CEB292} - Reg Error: Key error. File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} https://photoservice.fujicolor.de/ips-opdata/objects/jordan-canvasx.cab (JordanUploader Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209556674671 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = starrag.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{007E9E8C-277D-49B5-8454-B8FE8ED9DCD8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\adialhk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\WINDOWS\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\psfus: DllName - (C:\WINDOWS\system32\psqlpwd.dll) - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.30 15:52:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0074100d-2ce7-11dd-ab94-001e4cdace2a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe
O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell - "" = AutoRun
O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{8a22bd91-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\StartPortableApps.exe
O33 - MountPoints2\{8a22bdf9-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\pstart.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.10 13:38:57 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\******\Desktop\TDSSKiller.exe
[2012.06.10 13:19:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.06.10 13:16:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******\Desktop\OTL.exe
[2012.06.09 15:46:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.06.08 10:53:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******\Startmenü\Programme\Google Chrome
[2012.06.08 10:48:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\Deployment
[2012.06.04 14:28:33 | 000,000,000 | ---D | C] -- C:\IMTS 2012
[2012.06.02 15:28:06 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenuEX
[2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX2
[2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonEPP
[2012.06.02 15:27:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Canon
[2012.06.02 15:27:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter
[2012.06.02 15:17:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM
[2012.06.02 15:15:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canon IJ Network Tool
[2012.06.02 15:14:16 | 000,337,920 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZC.dll
[2012.06.02 15:14:16 | 000,122,880 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZU.dll
[2012.06.02 15:14:16 | 000,107,520 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZI.dll
[2012.06.02 15:14:15 | 000,424,448 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZL.dll
[2012.06.02 15:14:15 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2012.06.02 15:14:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\medias
[2012.06.02 15:14:04 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJFAX
[2012.06.02 15:12:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Benutzerregistrierung
[2012.06.02 15:09:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\CANON
[2012.06.02 15:09:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJWSpt
[2012.06.02 15:05:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon Utilities
[2012.06.02 15:04:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Manual
[2012.06.02 15:03:08 | 000,257,536 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCALAZ.DLL
[2012.06.02 15:03:05 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2012.06.02 15:02:51 | 000,311,296 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMAZ.DLL
[2012.06.02 15:02:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2012.06.02 15:02:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series
[2012.06.02 15:02:27 | 000,184,832 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIUAZ.DLL
[2012.06.02 15:02:01 | 000,000,000 | -H-D | C] -- C:\Programme\CanonBJ
[2012.06.02 15:01:30 | 000,363,520 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPPM.DLL
[2012.06.02 15:01:30 | 000,035,840 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPUI.DLL
[2012.06.02 15:01:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING
[2012.05.15 16:57:53 | 000,000,000 | ---D | C] -- C:\DST
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.10 13:40:17 | 270,357,280 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2012.06.10 13:38:57 | 010,354,720 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2012.06.10 13:32:43 | 000,168,834 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012.06.10 13:32:32 | 000,185,449 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.06.10 13:32:23 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2012.06.10 13:32:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.10 13:32:06 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.10 13:28:02 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.10 13:27:11 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012.06.10 13:26:09 | 000,001,977 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2012.06.10 13:25:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.10 13:25:42 | 3219,415,040 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.10 13:24:43 | 003,636,356 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2012.06.10 13:24:43 | 000,984,260 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2012.06.10 13:18:24 | 002,108,959 | ---- | M] () -- C:\Dokumente und Einstellungen\******\Desktop\tdsskiller.zip
[2012.06.10 13:16:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******\Desktop\OTL.exe
[2012.06.10 11:10:54 | 000,444,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.09 22:54:01 | 000,001,230 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job
[2012.06.09 17:42:42 | 000,000,183 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2012.06.08 10:54:01 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job
[2012.06.06 16:06:08 | 000,001,004 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012.06.06 14:13:49 | 000,168,834 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2012.06.04 11:12:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.06.02 15:09:09 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk
[2012.06.02 15:04:40 | 000,001,935 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk
[2012.05.31 15:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2012.05.23 10:36:41 | 000,004,608 | ---- | M] () -- C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.21 16:40:50 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\******\Desktop\TDSSKiller.exe
[2012.05.21 08:17:56 | 000,453,030 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.05.21 08:17:56 | 000,436,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.05.21 08:17:56 | 000,081,810 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.05.21 08:17:56 | 000,068,976 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.05.20 23:05:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
 
========== Files Created - No Company Name ==========
 
[2012.06.10 13:18:17 | 002,108,959 | ---- | C] () -- C:\Dokumente und Einstellungen\******\Desktop\tdsskiller.zip
[2012.06.10 13:08:47 | 3219,415,040 | -HS- | C] () -- C:\hiberfil.sys
[2012.06.08 10:49:47 | 000,001,230 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job
[2012.06.08 10:49:46 | 000,001,178 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job
[2012.06.02 15:14:15 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CNC175ED.TBL
[2012.06.02 15:09:09 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk
[2012.06.02 15:04:40 | 000,001,935 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk
[2012.05.23 10:34:01 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.17 09:19:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.20 21:13:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\{CE2EE4B6-4EE3-456B-A851-2F4B01E978E5}
[2011.03.01 10:16:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\SoIds.ini
[2011.03.01 10:13:07 | 000,000,041 | ---- | C] () -- C:\WINDOWS\souser.ini
[2011.02.20 13:40:56 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.02.17 20:55:33 | 000,038,469 | ---- | C] () -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR
[2011.01.26 09:42:20 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CmdFile.INI
[2011.01.17 15:12:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2010.08.24 12:00:16 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\CoUninstall.dll
[2010.08.24 11:35:45 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.24 11:24:39 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\camera.ini
[2010.07.07 13:37:54 | 000,155,700 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.DLL

< End of report >

--- --- ---

Here is the Extra TXT:
OTL Logfile:
Code:

OTL Extras logfile created on: 10.06.12 13:33:48 - Run 1
OTL by OldTimer - Version 3.2.48.0    Folder = C:\Dokumente und Einstellungen\******\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yy
 
3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,70% Memory free
4,84 Gb Paging File | 3,95 Gb Available in Paging File | 81,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 11,80 Gb Free Space | 24,17% Space Free | Partition Type: NTFS
Drive D: | 100,22 Gb Total Space | 28,19 Gb Free Space | 28,13% Space Free | Partition Type: NTFS
 
Computer Name: MG-107315 | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [print] -- "C:\Programme\Microsoft Office2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"UacDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications]
"Enabled" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\empirum\swdepot.exe:localsubnet:enabled:SoftwareDepot for Windows" = %windir%\system32\empirum\swdepot.exe:localsubnet:enabled:SoftwareDepot for Windows
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"15000:UDP" = 15000:UDP:LocalSubNet:Enabled:Kaspersky Administration Kit
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"15000:UDP" = 15000:UDP:LocalSubNet:Enabled:Kaspersky Administration Kit
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpmw32.exe" = C:\WINDOWS\system32\dpmw32.exe:*:Disabled:NDPS RPM & Notification Listener -- (Novell, Inc.)
"C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe" = C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Disabled:mRouterRuntime Module -- (Intuwave Ltd.)
"C:\Dokumente und Einstellungen\******\temp\TeamViewer\Version5\TeamViewer.exe" = C:\Dokumente und Einstellungen\******\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer -- (TeamViewer GmbH)
"C:\Program Files\WS_FTP Pro\ftp95pro.exe" = C:\Program Files\WS_FTP Pro\ftp95pro.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player -- ()
"D:\Dreambox\DM 800\Programme\Dreambox Control Center\DCC_E2.exe" = D:\Dreambox\DM 800\Programme\Dreambox Control Center\DCC_E2.exe:*:Enabled:Dreambox Control Center -- (BernyR)
"C:\Novell\GroupWise\grpwise.exe" = C:\Novell\GroupWise\grpwise.exe:*:Enabled:Novell GroupWise -- (Novell, Inc.)
"C:\Novell\GroupWise\notify.exe" = C:\Novell\GroupWise\notify.exe:*:Enabled:Novell Notify -- (Novell, Inc.)
"C:\Programme\Microsoft Office2003\OFFICE11\OUTLOOK.EXE" = C:\Programme\Microsoft Office2003\OFFICE11\OUTLOOK.EXE:*:Enabled:Outlook -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"D:\Dreambox\DM 800\Programme\DCC Enigma2\DCC_E2.exe" = D:\Dreambox\DM 800\Programme\DCC Enigma2\DCC_E2.exe:*:Disabled:Dreambox Control Center -- (BernyR)
"D:\Dreambox\Programme\DreamTSman\DreamTSman\DreamTSman.exe" = D:\Dreambox\Programme\DreamTSman\DreamTSman\DreamTSman.exe:*:Disabled:DreamTSman -- (7soft)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B1C701-5B73-4a25-BB9B-9F5178349E7B}" = EDIUS Neo 2 Settings
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{10CD702D-CEB4-4602-B0B0-B921181A7916}" = Setup
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX890_series" = Canon MX890 series MP Drivers
"{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1" = Free Video Joiner 1.1
"{16E217EA-C3E0-402D-8D4F-6189DB74497A}" = Studio 9.4 Patch
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E76BE75-F256-4BA4-A9A3-F433AD3D2D00}" = Sony Ericsson PC Suite for Smartphones
"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Dienstprogramm 'ThinkPad-Tastaturanpassung'
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{2281AB85-0000-4C6C-B4B8-D9ABB29B720B}" = Handy Safe Desktop Professional 2.03
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery Zweckform DesignPro
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{44E9D4C2-946C-4378-9354-558803C47A68}" = Client Security - Password Manager
"{4509D9E5-57F8-45B0-9091-4676D709FD7A}" = Microsoft SQL Server Native Client
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AC1E1A2-D7E3-42D6-AD54-69158C49AA6F}" = Visual Basic for Applications (R) Core
"{4D8E1ADE-CEA6-4A35-8D73-963F16C40FD3}" = Document Express DjVu Plug-in
"{53673F31-91EE-4EDE-A3BA-0E861811940B}" = Mobile2Day
"{5567A669-15A7-4C32-95E4-F8C8DC953428}" = SOGroupWiseLink 1.2.21
"{58D4FB3A-98E9-4B9B-B01E-7F005AEFE019}" = WEBCAM
"{58F8C6D9-5B55-486A-A322-4E8D87670031}" = Canon MP-Treiber
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{663118ED-6E80-45D6-9484-6830798B8B86}" = ProCoder 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D9B3F4-52F1-4C66-835F-A703BFE16AE1}" = GroupWise
"{772E9146-D676-4869-A298-047FF2A2B92D}" = Canopus Codec Option
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79B986AD-54D8-4498-AA06-89808829ACC0}" = Kaspersky Anti-Virus 6.0 for Windows Workstations
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C72AAB5-8A7D-4882-950C-A1F26A949DA3}" = Kaspersky Network Agent
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4AE751-7055-4518-87B0-E148A8D50D0A}" = Macromedia FreeHand MX
"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4D095B-B81E-4938-9BC9-E9EF9F3AE85A}" = Visual Basic for Applications (R) Core - German
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{9F1675A9-9FD7-49F8-A5DB-BF4D1DED13C9}" = SOGroupWiseLink Templates 1.2.22
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" =
"{A2289997-10A3-48F2-AA03-99180D761661}" = ThinkVantage Fingerprint Software 5.6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB6FFA58-F491-11D3-8951-000000026279}" = T-Online Internationaler Zugang
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-0000-7EC8-7489-000000000603}" = Adobe Acrobat and Reader 6.0.3 Update
"{AC76BA86-0000-7EC8-7489-000000000604}" = Adobe Acrobat and Reader 6.0.4 Update
"{AC76BA86-0000-7EC8-7489-000000000605}" = Adobe Acrobat and Reader 6.0.5 Update
"{AC76BA86-0000-7EC8-7489-000000000606}" = Adobe Acrobat and Reader 6.0.6 Update
"{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0.1 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.5 - Deutsch
"{AC76BA86-7AD7-1031-7B44-A81300000003}_814" = KB408682
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.1 - Deutsch
"{AC76BA86-7AD7-2447-0000-800000000003}" = Chinese Simplified Fonts Support For Adobe Reader 8
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B20B3E91-5E94-11D4-B650-00500488DA92}" = TWAIN FieryScan
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BD60F72D-3F2F-4AE1-9C41-3CF75B2CA59A}" = DVR-Studio Pro 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D1ADE2BF-32D3-4EC3-9BF4-F5E1A740F92E}" = Color Network ScanGear Ver.2.42
"{D728E945-256D-4477-B377-6BBA693714AC}" = Ergänzung zu Productivity Center für ThinkPad
"{D7EC8A27-CDA2-46AE-8A26-4104A04FA5BE}" = 32 Bit HP CIO Components Installer
"{D972F309-7376-4B25-10AA-04C80D13E1F0}" = iGrafx 2009
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.8.320
"{E1252473-6306-4d5d-904D-B06AA7F38161}" = Sony Ericsson PC Suite for Smartphones
"{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}" = Corel Paint Shop Pro Photo XI
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E583ED6F-BD99-4066-A420-C815BF692B69}" = Macromedia Fireworks MX 2004
"{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}" = NICI (Shared) U.S./Worldwide (128 bit) (2.7.0-2)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FA8B6532-78E9-490B-B97D-32379E16810E}" = EDIUS Neo 2 (SetupManager)
"ABC Amber Audio Converter" = ABC Amber Audio Converter
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Any Video Converter_is1" = Any Video Converter 3.0.1
"AVMFBox" = AVM FRITZ!Box Dokumentation
"BattlEye" = BattlEye Uninstall
"Canon MX890 series Benutzerregistrierung" = Canon MX890 series Benutzerregistrierung
"Canon MX890 series On-screen Manual" = Canon MX890 series On-screen Manual
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"dm Digi Foto" = dm Digi Foto
"DreamBoxEdit" = DreamBoxEdit -- The one and only settings editor for your Dreambox
"DreamTSman_is1" = DreamTSman
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ElsterFormular für Unternehmer 12.1.1.6214u" = ElsterFormular-Update
"EnigmEdit" = EnigmEdit (remove only)
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.3
"Free Download Manager_is1" = Free Download Manager 2.5
"Google Updater" = Google Updater
"HandySafePro" = Handy Safe Pro
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"iGrafx 2009" = iGrafx 2009
"Image Composer" = Microsoft Image Composer 1.5
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{7C72AAB5-8A7D-4882-950C-A1F26A949DA3}" = Administrationsagent
"InstallWIX_{79B986AD-54D8-4498-AA06-89808829ACC0}" = Kaspersky Anti-Virus 6.0 for Windows Workstations
"JDownloader" = JDownloader
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MP Navigator EX 5.1" = Canon MP Navigator EX 5.1
"MP3-Check_is1" = MP3-Check (v1.0.39.0)
"Mp3tag" = Mp3tag v2.47b
"mRouterRuntime" =
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6
"Neue deutsche Rechtschreibung für Microsoft Office 9x" = Neue deutsche Rechtschreibung für Microsoft Office 9x
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Novell Client for Windows" = Novell Client für Windows 2000
"NVIDIA Drivers" = NVIDIA Drivers
"Office8.0" = Microsoft Office 97, Professional Edition
"OnScreenDisplay" = Anzeige am Bildschirm
"OpenAL" = OpenAL
"Panzerkrieg Bundle" = Panzerkrieg Bundle
"Power Management Driver" = ThinkPad Power Management Driver
"proDAD-Mercalli-1.0" = proDAD Mercalli 1.0
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RealPlayer 6.0" = RealPlayer
"Sony Ericsson" = Sony Ericsson Symbian 9 Drivers
"Speed Dial Utility" = Canon Kurzwahlprogramm
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"SystemRequirementsLab" = System Requirements Lab
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"Visio Standard" = Visio Standard
"VLC media player" = VLC media player 1.0.0
"Warfare Incorporated(TM) for Pocket PC" = Warfare Incorporated(TM) for Pocket PC
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMS" = Windows NT Messaging
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"WS_FTPPro" = Ipswitch WS_FTP Pro Uninstall
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XMedia Recode" = XMedia Recode 3.0.1.6
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.06.12 09:19:22 | Computer Name = MG-107315 | Source = Userenv | ID = 1054
Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt
 werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung
 hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.
 
Error - 09.06.12 09:19:24 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
 keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
 ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.  Die Registrierung
 wird nicht durchgeführt.
 
Error - 09.06.12 09:35:33 | Computer Name = MG-107315 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
 Modul mshtml.dll, Version 8.0.6001.19222, Fehleradresse 0x00100420.
 
Error - 09.06.12 17:19:00 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
 keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
 ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.  Die Registrierung
 wird nicht durchgeführt.
 
Error - 10.06.12 05:11:25 | Computer Name = MG-107315 | Source = Userenv | ID = 1054
Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt
 werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung
 hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.
 
Error - 10.06.12 05:11:27 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
 keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
 ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.  Die Registrierung
 wird nicht durchgeführt.
 
Error - 10.06.12 07:09:15 | Computer Name = MG-107315 | Source = Userenv | ID = 1054
Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt
 werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung
 hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.
 
Error - 10.06.12 07:09:16 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
 keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
 ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.  Die Registrierung
 wird nicht durchgeführt.
 
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = Userenv | ID = 1054
Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt
 werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung
 hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.
 
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
 keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
 ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.  Die Registrierung
 wird nicht durchgeführt.
 
[ Kaspersky Event Log Events ]
Error - 10.06.12 07:26:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt
 
Error - 10.06.12 07:26:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt
 
Error - 10.06.12 07:26:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Error 1192 (Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt) occured while replicating settings for application Kaspersky Anti-Virus
 6.0 for Windows Workstations. Operation code: _LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.

Storage
 file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt  Error information: 1192/0 (Data is corrupted or has an unknown format),
 O:\CS AdminKit\development2\std\par\parserialize.cpp, 558
 
Error - 10.06.12 07:26:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Tasks replication failed Product ='KAVWKS6' Version ='6.0.0.0' Storage
 file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt  Error information: 1192/0 (Data is corrupted or has an unknown format),
 O:\CS AdminKit\development2\std\par\parserialize.cpp, 558 
 
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt
 
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt
 
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt
 
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Error 1192 (Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt) occured while replicating settings for application Kaspersky Anti-Virus
 6.0 for Windows Workstations. Operation code: _LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.

Storage
 file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt  Error information: 1192/0 (Data is corrupted or has an unknown format),
 O:\CS AdminKit\development2\std\par\parserialize.cpp, 558
 
Error - 10.06.12 07:31:29 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Tasks replication failed Product ='KAVWKS6' Version ='6.0.0.0' Storage
 file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt  Error information: 1192/0 (Data is corrupted or has an unknown format),
 O:\CS AdminKit\development2\std\par\parserialize.cpp, 558 
 
Error - 10.06.12 07:41:50 | Computer Name = MG-107315 | Source = klnagent | ID = 1
Description = Storage file C:\Programme\Kaspersky Lab\NetworkAgent\Products\E07A4C8CB7A5029D3AA8E87E542DB0D5\tasks\_LOCAL_c7462a1c-ff14-43d6-825f-e8e0595feac4.klt
 is corrupt
 
[ System Events ]
Error - 10.06.12 07:19:43 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
 
Error - 10.06.12 07:24:16 | Computer Name = MG-107315 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 29 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = NETLOGON | ID = 5719
Description = Es steht kein Domänencontroller für die Domäne LAN aus folgendem Grund
 zur  Verfügung:  %%1311.    Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden
 ist, und  versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator, wenn
das
 Problem weiterhin besteht.
 
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 15 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
Error - 10.06.12 07:26:12 | Computer Name = MG-107315 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 15 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
Error - 10.06.12 07:27:12 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Treiber für parallelen Anschluss" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1058
 
Error - 10.06.12 07:27:12 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Manager Image" wurde mit folgendem Fehler beendet:  %%126
 
Error - 10.06.12 07:27:12 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Helper Image" wurde mit folgendem Fehler beendet:  %%126
 
Error - 10.06.12 07:27:12 | Computer Name = MG-107315 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Image Driver" wurde mit folgendem Fehler beendet:  %%126
 
Error - 10.06.12 07:41:14 | Computer Name = MG-107315 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 29 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
 
< End of report >



A thousand thanks for your help

cosinus 12.06.2012 14:46

Please post all the Malwarebytes logs anyway.
A log like that contains quite a bit more information than just "found" or "nothing found"!

If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the result then looks like this:

Code:

the log goes here

robee 12.06.2012 21:32

Here is the log

Code:

12.06.12 20:44:01
mbam-log-2012-06-12 (20-44-01).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 418716
Laufzeit: 1 Stunde(n), 23 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

For your information: after TDSSKILLER would not start, I found FIXTDSS and ran it; something was found and removed, and after that TDSSKILLER ran as well and found nothing more. I have not noticed any problems since then.

Regards

cosinus 12.06.2012 22:32

- The Malwarebytes log is incomplete
- Just fixing things at random without knowing exactly what each entry is is dangerous; I can only strongly advise against it
- If you are going to run TDSS-Killer without consulting anyone anyway, you can also post the log right away without my having to ask for it again

robee 13.06.2012 10:38

Hmm, now I am a bit at a loss: the Malwarebytes log is supposed to be incomplete? I posted everything that was in the log, nothing is missing; I would be happy to send you the TXT file.

And please do not misunderstand me, but of course I also try to look for solutions myself and do not just rely blindly on your great work here. In the two days until your reply, I tried to get the problem under control myself. I had already received the pointer to a redirect trojan, as well as the pointer to TDSSKILLER, which would not start on my machine, and in an English-language forum the pointer to the tool from Symantec, which seemed to work for the time being, at least for me. I am aware that this does not necessarily mean the danger and the infection on my computer have been eliminated, so I would be grateful for any further help.

I am submitting the TDSSKILLER log belatedly, with apologies:

Code:

11:35:39.0426 1564        TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
11:35:41.0426 1564        ============================================================
11:35:41.0426 1564        Current date / time: 2012/06/13 11:35:41.0426
11:35:41.0426 1564        SystemInfo:
11:35:41.0426 1564       
11:35:41.0426 1564        OS Version: 5.1.2600 ServicePack: 3.0
11:35:41.0426 1564        Product type: Workstation
11:35:41.0426 1564        ComputerName: MG-107315
11:35:41.0426 1564        UserName: Schedler-M
11:35:41.0426 1564        Windows directory: C:\WINDOWS
11:35:41.0426 1564        System windows directory: C:\WINDOWS
11:35:41.0426 1564        Processor architecture: Intel x86
11:35:41.0426 1564        Number of processors: 2
11:35:41.0426 1564        Page size: 0x1000
11:35:41.0426 1564        Boot type: Normal boot
11:35:41.0426 1564        ============================================================
11:35:44.0301 1564        Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
11:35:44.0301 1564        ============================================================
11:35:44.0301 1564        \Device\Harddisk0\DR0:
11:35:44.0301 1564        MBR partitions:
11:35:44.0301 1564        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A9E11
11:35:44.0316 1564        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A9E8F, BlocksNum 0xC86E881
11:35:44.0316 1564        ============================================================
11:35:44.0363 1564        C: <-> \Device\Harddisk0\DR0\Partition0
11:35:44.0394 1564        D: <-> \Device\Harddisk0\DR0\Partition1
11:35:44.0410 1564        ============================================================
11:35:44.0410 1564        Initialize success
11:35:44.0410 1564        ============================================================
11:35:50.0957 3692        ============================================================
11:35:50.0957 3692        Scan started
11:35:50.0957 3692        Mode: Manual;
11:35:50.0957 3692        ============================================================
11:35:52.0269 3692        61883          (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
11:35:52.0269 3692        61883 - ok
11:35:52.0269 3692        Abiosdsk - ok
11:35:52.0269 3692        abp480n5 - ok
11:35:52.0332 3692        acedrv11        (a6fe70357a68ad1e279cd1012419cce6) C:\WINDOWS\system32\drivers\acedrv11.sys
11:35:52.0332 3692        acedrv11 - ok
11:35:52.0379 3692        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:35:52.0379 3692        ACPI - ok
11:35:52.0394 3692        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:35:52.0394 3692        ACPIEC - ok
11:35:52.0426 3692        ADIHdAudAddService (f56565f7490f68015b44c6efbdb97e96) C:\WINDOWS\system32\drivers\ADIHdAud.sys
11:35:52.0426 3692        ADIHdAudAddService - ok
11:35:52.0441 3692        adpu160m - ok
11:35:52.0473 3692        AEAudio        (fff87a9b1ab36ee4b7bec98a4cb01b79) C:\WINDOWS\system32\drivers\AEAudio.sys
11:35:52.0473 3692        AEAudio - ok
11:35:52.0504 3692        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:35:52.0504 3692        aec - ok
11:35:52.0551 3692        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:35:52.0551 3692        AFD - ok
11:35:52.0551 3692        Aha154x - ok
11:35:52.0551 3692        aic78u2 - ok
11:35:52.0566 3692        aic78xx - ok
11:35:52.0644 3692        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
11:35:52.0644 3692        Alerter - ok
11:35:52.0660 3692        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
11:35:52.0660 3692        ALG - ok
11:35:52.0676 3692        AliIde - ok
11:35:52.0676 3692        amsint - ok
11:35:52.0785 3692        Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:35:52.0785 3692        Apple Mobile Device - ok
11:35:52.0926 3692        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
11:35:52.0926 3692        AppMgmt - ok
11:35:52.0941 3692        Arp1394        (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:35:52.0941 3692        Arp1394 - ok
11:35:52.0988 3692        ASAPIW2k        (4f9cbbf95e8f7a0d4c0edcfe3b78102e) C:\WINDOWS\system32\drivers\ASAPIW2k.sys
11:35:52.0988 3692        ASAPIW2k - ok
11:35:52.0988 3692        asc - ok
11:35:53.0004 3692        asc3350p - ok
11:35:53.0019 3692        asc3550 - ok
11:35:53.0144 3692        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:35:53.0207 3692        aspnet_state - ok
11:35:53.0223 3692        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:35:53.0223 3692        AsyncMac - ok
11:35:53.0254 3692        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:35:53.0254 3692        atapi - ok
11:35:53.0254 3692        Atdisk - ok
11:35:53.0285 3692        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:35:53.0285 3692        Atmarpc - ok
11:35:53.0316 3692        atmeltpm        (dbf0d7e2df33b469eb55406fea759350) C:\WINDOWS\system32\DRIVERS\atmeltpm.sys
11:35:53.0316 3692        atmeltpm - ok
11:35:53.0332 3692        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
11:35:53.0348 3692        AudioSrv - ok
11:35:53.0379 3692        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:35:53.0379 3692        audstub - ok
11:35:53.0410 3692        Avc            (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
11:35:53.0410 3692        Avc - ok
11:35:53.0473 3692        AVP            (9a2f9ec122d7582ce73b339af5621167) C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe
11:35:53.0473 3692        AVP - ok
11:35:53.0535 3692        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:35:53.0551 3692        Beep - ok
11:35:53.0738 3692        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
11:35:53.0941 3692        BITS - ok
11:35:54.0160 3692        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
11:35:54.0176 3692        Bonjour Service - ok
11:35:54.0176 3692        bpsyorcy - ok
11:35:54.0207 3692        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
11:35:54.0207 3692        Browser - ok
11:35:54.0269 3692        btaudio        (5bcf6090b825def29065bdbd59691dbe) C:\WINDOWS\system32\drivers\btaudio.sys
11:35:54.0285 3692        btaudio - ok
11:35:54.0363 3692        BTKRNL          (ef5e0de0a7ca2977a9255f36f4d915ab) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
11:35:54.0379 3692        BTKRNL - ok
11:35:54.0473 3692        btwdins        (26e038920dec7bcdcac1e4851a235dd0) C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
11:35:54.0488 3692        btwdins - ok
11:35:54.0519 3692        BTWDNDIS        (80f61de965c116051614ac2f04222ff7) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
11:35:54.0519 3692        BTWDNDIS - ok
11:35:54.0551 3692        btwhid          (e48668b4a6a5cf68b33aecad18ee8e1e) C:\WINDOWS\system32\DRIVERS\btwhid.sys
11:35:54.0551 3692        btwhid - ok
11:35:54.0676 3692        BTWUSB          (053dc5be74621b63bb48c2b86bafc7b0) C:\WINDOWS\system32\Drivers\btwusb.sys
11:35:54.0676 3692        BTWUSB - ok
11:35:54.0676 3692        bxlst - ok
11:35:54.0707 3692        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:35:54.0723 3692        cbidf2k - ok
11:35:54.0769 3692        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:35:54.0785 3692        CCDECODE - ok
11:35:54.0785 3692        cd20xrnt - ok
11:35:54.0832 3692        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:35:54.0832 3692        Cdaudio - ok
11:35:54.0863 3692        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:35:54.0863 3692        Cdfs - ok
11:35:54.0894 3692        cdrblock        (15e3e2920adac7450e0c7ae5f23a5f53) C:\WINDOWS\system32\DRIVERS\cdrblock.sys
11:35:54.0910 3692        cdrblock - ok
11:35:54.0988 3692        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:35:54.0988 3692        Cdrom - ok
11:35:54.0988 3692        Changer - ok
11:35:55.0035 3692        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
11:35:55.0051 3692        CiSvc - ok
11:35:55.0066 3692        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
11:35:55.0082 3692        ClipSrv - ok
11:35:55.0207 3692        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:35:55.0285 3692        clr_optimization_v2.0.50727_32 - ok
11:35:55.0301 3692        CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:35:55.0301 3692        CmBatt - ok
11:35:55.0316 3692        CmdIde - ok
11:35:55.0348 3692        Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:35:55.0348 3692        Compbatt - ok
11:35:55.0363 3692        COMSysApp - ok
11:35:55.0363 3692        Cpqarray - ok
11:35:55.0410 3692        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
11:35:55.0410 3692        CryptSvc - ok
11:35:55.0441 3692        cusrvc          (b9cd0af2587bd36b480465a66b566124) C:\WINDOWS\system32\cusrvc.exe
11:35:55.0457 3692        cusrvc - ok
11:35:55.0457 3692        dac2w2k - ok
11:35:55.0473 3692        dac960nt - ok
11:35:55.0519 3692        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
11:35:55.0535 3692        DcomLaunch - ok
11:35:55.0566 3692        dg_ssudbus      (d8522960163fa593694e441194a9a574) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:35:55.0598 3692        dg_ssudbus - ok
11:35:55.0629 3692        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
11:35:55.0629 3692        Dhcp - ok
11:35:55.0660 3692        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:35:55.0660 3692        Disk - ok
11:35:55.0660 3692        dmadmin - ok
11:35:55.0879 3692        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
11:35:55.0910 3692        dmboot - ok
11:35:55.0926 3692        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
11:35:55.0941 3692        dmio - ok
11:35:55.0957 3692        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:35:55.0957 3692        dmload - ok
11:35:55.0988 3692        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
11:35:55.0988 3692        dmserver - ok
11:35:56.0004 3692        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:35:56.0019 3692        DMusic - ok
11:35:56.0035 3692        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
11:35:56.0035 3692        Dnscache - ok
11:35:56.0082 3692        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
11:35:56.0082 3692        Dot3svc - ok
11:35:56.0098 3692        dpti2o - ok
11:35:56.0098 3692        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:35:56.0098 3692        drmkaud - ok
11:35:56.0144 3692        e1express      (b1e9161ba28d5b826e49a1d0ded7fcc4) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
11:35:56.0144 3692        e1express - ok
11:35:56.0160 3692        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
11:35:56.0160 3692        EapHost - ok
11:35:56.0223 3692        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
11:35:56.0223 3692        ERSvc - ok
11:35:56.0238 3692        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
11:35:56.0238 3692        Eventlog - ok
11:35:56.0316 3692        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
11:35:56.0394 3692        EventSystem - ok
11:35:56.0410 3692        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:35:56.0410 3692        Fastfat - ok
11:35:56.0441 3692        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:35:56.0457 3692        FastUserSwitchingCompatibility - ok
11:35:56.0457 3692        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
11:35:56.0473 3692        Fdc - ok
11:35:56.0473 3692        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
11:35:56.0473 3692        Fips - ok
11:35:56.0488 3692        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:35:56.0488 3692        Flpydisk - ok
11:35:56.0504 3692        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:35:56.0504 3692        FltMgr - ok
11:35:56.0629 3692        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:35:56.0644 3692        FontCache3.0.0.0 - ok
11:35:56.0738 3692        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:35:56.0738 3692        Fs_Rec - ok
11:35:56.0785 3692        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:35:56.0785 3692        Ftdisk - ok
11:35:56.0816 3692        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:35:56.0816 3692        GEARAspiWDM - ok
11:35:56.0848 3692        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:35:56.0848 3692        Gpc - ok
11:35:56.0957 3692        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
11:35:56.0957 3692        gupdate - ok
11:35:56.0957 3692        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
11:35:56.0957 3692        gupdatem - ok
11:35:57.0019 3692        gusvc          (408ddd80eede47175f6844817b90213e) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
11:35:57.0019 3692        gusvc - ok
11:35:57.0113 3692        Hardlock        (d95554949082fd29a04d351b58396718) C:\WINDOWS\system32\drivers\hardlock.sys
11:35:57.0129 3692        Hardlock - ok
11:35:57.0176 3692        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:35:57.0176 3692        HDAudBus - ok
11:35:57.0285 3692        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:35:57.0285 3692        helpsvc - ok
11:35:57.0316 3692        HidServ        (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
11:35:57.0332 3692        HidServ - ok
11:35:57.0348 3692        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:35:57.0348 3692        HidUsb - ok
11:35:57.0394 3692        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
11:35:57.0410 3692        hkmsvc - ok
11:35:57.0410 3692        hpn - ok
11:35:57.0457 3692        HSFHWAZL        (0aaef566e6782957252fa79f566fbc0b) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
11:35:57.0473 3692        HSFHWAZL - ok
11:35:57.0769 3692        HSF_DPV        (e472e0cb4e716cc34c0e045f2c196221) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
11:35:57.0801 3692        HSF_DPV - ok
11:35:57.0848 3692        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:35:57.0894 3692        HTTP - ok
11:35:57.0910 3692        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
11:35:57.0926 3692        HTTPFilter - ok
11:35:57.0926 3692        i2omgmt - ok
11:35:57.0926 3692        i2omp - ok
11:35:57.0957 3692        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:35:57.0957 3692        i8042prt - ok
11:35:57.0973 3692        IBMPMDRV        (fa3d0a6da7bb7968efe5c5bc267f0e55) C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
11:35:57.0973 3692        IBMPMDRV - ok
11:35:57.0988 3692        IBMPMSVC        (495f184a29b80b51735bcee91d84fe8f) C:\WINDOWS\system32\ibmpmsvc.exe
11:35:57.0988 3692        IBMPMSVC - ok
11:35:58.0332 3692        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:35:58.0363 3692        idsvc - ok
11:35:58.0379 3692        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:35:58.0379 3692        Imapi - ok
11:35:58.0426 3692        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
11:35:58.0426 3692        ImapiService - ok
11:35:58.0441 3692        ini910u - ok
11:35:58.0457 3692        IntelIde - ok
11:35:58.0473 3692        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:35:58.0473 3692        intelppm - ok
11:35:58.0488 3692        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:35:58.0488 3692        Ip6Fw - ok
11:35:58.0519 3692        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:35:58.0519 3692        IpFilterDriver - ok
11:35:58.0551 3692        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:35:58.0551 3692        IpInIp - ok
11:35:58.0707 3692        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:35:58.0707 3692        IpNat - ok
11:35:58.0816 3692        iPod Service    (178fe38b7740f598391eb2f51ae4ccac) C:\Programme\iPod\bin\iPodService.exe
11:35:58.0848 3692        iPod Service - ok
11:35:58.0863 3692        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:35:58.0863 3692        IPSec - ok
11:35:58.0879 3692        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:35:58.0879 3692        IRENUM - ok
11:35:58.0910 3692        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:35:58.0910 3692        isapnp - ok
11:35:58.0910 3692        jsenujoft - ok
11:35:58.0910 3692        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:35:58.0926 3692        Kbdclass - ok
11:35:58.0926 3692        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:35:58.0926 3692        kbdhid - ok
11:35:58.0957 3692        kl1            (45056287cdd70803bad130bf71fe6890) C:\WINDOWS\system32\drivers\kl1.sys
11:35:58.0957 3692        kl1 - ok
11:35:58.0988 3692        KLIF            (283609e026c8becc757c8ac21f050a5a) C:\WINDOWS\system32\drivers\klif.sys
11:35:58.0988 3692        KLIF - ok
11:35:59.0019 3692        klim5          (967e2224217431b21f1d04fbb4c68a4b) C:\WINDOWS\system32\DRIVERS\klim5.sys
11:35:59.0019 3692        klim5 - ok
11:35:59.0066 3692        klnagent        (b1fbd0576e52d2816be7d18b5dac0636) C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe
11:35:59.0066 3692        klnagent - ok
11:35:59.0098 3692        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:35:59.0098 3692        kmixer - ok
11:35:59.0176 3692        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:35:59.0176 3692        KSecDD - ok
11:35:59.0223 3692        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
11:35:59.0223 3692        lanmanserver - ok
11:35:59.0254 3692        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
11:35:59.0254 3692        lanmanworkstation - ok
11:35:59.0269 3692        lbrtfdc - ok
11:35:59.0316 3692        LBTServ        (30974af764f6c454498f6b3325581799) C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
11:35:59.0316 3692        LBTServ - ok
11:35:59.0363 3692        LENOVO.MICMUTE  (fce735941da27929dbfc1918f286ffd8) C:\Programme\LENOVO\HOTKEY\MICMUTE.exe
11:35:59.0363 3692        LENOVO.MICMUTE - ok
11:35:59.0394 3692        lenovo.smi      (9aac267a225f3caebb9e633f7eb16e4b) C:\WINDOWS\system32\DRIVERS\smiif32.sys
11:35:59.0410 3692        lenovo.smi - ok
11:35:59.0676 3692        LHidFilt        (23d84187822a0020b9f1ea71c7db3193) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
11:35:59.0676 3692        LHidFilt - ok
11:35:59.0707 3692        LicCtrlService  (29fab5363138f6e322f4cd780ed9d337) C:\WINDOWS\runservice.exe
11:36:01.0332 3692        LicCtrlService - ok
11:36:01.0394 3692        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
11:36:01.0394 3692        LmHosts - ok
11:36:01.0457 3692        LMouFilt        (596499c81cb4b5841f91cfe3f514d202) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
11:36:01.0457 3692        LMouFilt - ok
11:36:01.0488 3692        Macromedia Licensing Service (d5ba9b816afef5292fe13c9a6267b6ab) C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
11:36:01.0488 3692        Macromedia Licensing Service - ok
11:36:01.0707 3692        MarvinBus      (7584ffb07305d2e9e3823059a9310b0f) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
11:36:01.0707 3692        MarvinBus - ok
11:36:01.0738 3692        MDC8021X        (1bcec29a142168cc54c3f2669db8c681) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
11:36:01.0738 3692        MDC8021X - ok
11:36:01.0801 3692        MDM            (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
11:36:01.0832 3692        MDM - ok
11:36:01.0910 3692        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
11:36:01.0910 3692        mdmxsdk - ok
11:36:01.0941 3692        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
11:36:01.0941 3692        Messenger - ok
11:36:01.0957 3692        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:36:01.0973 3692        mnmdd - ok
11:36:02.0004 3692        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
11:36:02.0004 3692        mnmsrvc - ok
11:36:02.0035 3692        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
11:36:02.0035 3692        Modem - ok
11:36:02.0082 3692        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:36:02.0082 3692        Mouclass - ok
11:36:02.0082 3692        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:36:02.0082 3692        mouhid - ok
11:36:02.0098 3692        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:36:02.0098 3692        MountMgr - ok
11:36:02.0098 3692        mraid35x - ok
11:36:02.0129 3692        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:36:02.0129 3692        MRxDAV - ok
11:36:02.0191 3692        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:36:02.0207 3692        MRxSmb - ok
11:36:02.0223 3692        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
11:36:02.0223 3692        MSDTC - ok
11:36:02.0254 3692        MSDV            (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
11:36:02.0254 3692        MSDV - ok
11:36:02.0254 3692        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:36:02.0269 3692        Msfs - ok
11:36:02.0269 3692        MSIServer - ok
11:36:02.0301 3692        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:36:02.0301 3692        MSKSSRV - ok
11:36:02.0316 3692        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:36:02.0316 3692        MSPCLOCK - ok
11:36:02.0332 3692        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:36:02.0332 3692        MSPQM - ok
11:36:02.0410 3692        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:36:02.0410 3692        mssmbios - ok
11:36:02.0457 3692        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:36:02.0457 3692        MSTEE - ok
11:36:02.0473 3692        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:36:02.0473 3692        Mup - ok
11:36:02.0504 3692        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:36:02.0504 3692        NABTSFEC - ok
11:36:02.0551 3692        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
11:36:02.0566 3692        napagent - ok
11:36:02.0598 3692        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:36:02.0613 3692        NDIS - ok
11:36:02.0613 3692        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:36:02.0629 3692        NdisIP - ok
11:36:02.0660 3692        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:36:02.0660 3692        NdisTapi - ok
11:36:02.0676 3692        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:36:02.0926 3692        Ndisuio - ok
11:36:02.0957 3692        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:36:02.0957 3692        NdisWan - ok
11:36:02.0988 3692        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:36:02.0988 3692        NDProxy - ok
11:36:03.0035 3692        Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll
11:36:03.0035 3692        Net Driver HPZ12 - ok
11:36:03.0035 3692        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:36:03.0035 3692        NetBIOS - ok
11:36:03.0066 3692        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:36:03.0082 3692        NetBT - ok
11:36:03.0113 3692        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
11:36:03.0113 3692        NetDDE - ok
11:36:03.0113 3692        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
11:36:03.0113 3692        NetDDEdsdm - ok
11:36:03.0144 3692        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:03.0144 3692        Netlogon - ok
11:36:03.0176 3692        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
11:36:03.0191 3692        Netman - ok
11:36:03.0285 3692        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:36:03.0301 3692        NetTcpPortSharing - ok
11:36:04.0582 3692        NETw4x32        (01f8a43ff0b77df0e115a7ed4bd76d68) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
11:36:04.0598 3692        NETw4x32 - ok
11:36:04.0738 3692        NetwareWorkstation (9152b3a38ad0147eae4342281ae65883) C:\WINDOWS\system32\NetWare\nwfs.sys
11:36:04.0754 3692        NetwareWorkstation - ok
11:36:04.0879 3692        NIC1394        (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:36:04.0879 3692        NIC1394 - ok
11:36:04.0894 3692        NICM            (c501404558ea82e8a875de6331f0748d) C:\WINDOWS\system32\drivers\nicm.sys
11:36:04.0894 3692        NICM - ok
11:36:04.0941 3692        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
11:36:04.0957 3692        Nla - ok
11:36:04.0973 3692        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:36:04.0973 3692        Npfs - ok
11:36:05.0004 3692        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:36:05.0035 3692        Ntfs - ok
11:36:05.0051 3692        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:05.0051 3692        NtLmSsp - ok
11:36:05.0285 3692        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
11:36:05.0301 3692        NtmsSvc - ok
11:36:05.0332 3692        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:36:05.0332 3692        Null - ok
11:36:05.0832 3692        nv              (8f91d713ebb1682f36dd93525861149f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:36:06.0129 3692        nv - ok
11:36:06.0348 3692        NVSvc          (ea9cf40a176bf4b6c7a9dc4ae1db6fb6) C:\WINDOWS\system32\nvsvc32.exe
11:36:06.0348 3692        NVSvc - ok
11:36:06.0394 3692        NWDHCP          (a4b071419e0ea596ffb3da89c1f04e61) C:\WINDOWS\system32\NetWare\nwdhcp.sys
11:36:06.0394 3692        NWDHCP - ok
11:36:06.0410 3692        NWDNS          (6327cec99fd740dd1cff11a047789bcc) C:\WINDOWS\system32\NetWare\nwdns.sys
11:36:06.0410 3692        NWDNS - ok
11:36:06.0426 3692        NWFILTER        (7bbf493e2b4979312fa5b350fcf5a4c4) C:\WINDOWS\system32\NetWare\nwfilter.sys
11:36:06.0426 3692        NWFILTER - ok
11:36:06.0441 3692        NWHOST          (baa75acf404bebce7065663664a7c3e4) C:\WINDOWS\system32\NetWare\NWHOST.sys
11:36:06.0441 3692        NWHOST - ok
11:36:06.0473 3692        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:36:06.0473 3692        NwlnkFlt - ok
11:36:06.0488 3692        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:36:06.0488 3692        NwlnkFwd - ok
11:36:06.0504 3692        NWSAP          (2726a6792bbb080ff345ed9a8111360f) C:\WINDOWS\system32\NetWare\NWSAP.sys
11:36:06.0504 3692        NWSAP - ok
11:36:06.0519 3692        NWSIPX32        (0c19ea7bf54f23ef37d8a14c61f64891) C:\WINDOWS\system32\NetWare\nwsipx32.sys
11:36:06.0519 3692        NWSIPX32 - ok
11:36:06.0535 3692        NWSLP          (0b5c354bebc5381b59a196bd7e517814) C:\WINDOWS\system32\NetWare\nwslp.sys
11:36:06.0535 3692        NWSLP - ok
11:36:06.0551 3692        NWSNS          (172308996609da67e99c87fa784df8bc) C:\WINDOWS\system32\NetWare\NWSNS.sys
11:36:06.0551 3692        NWSNS - ok
11:36:06.0582 3692        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:36:06.0582 3692        ohci1394 - ok
11:36:06.0644 3692        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
11:36:06.0644 3692        ose - ok
11:36:06.0676 3692        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
11:36:06.0676 3692        Parport - ok
11:36:06.0676 3692        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:36:06.0676 3692        PartMgr - ok
11:36:06.0707 3692        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
11:36:06.0723 3692        ParVdm - ok
11:36:06.0738 3692        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
11:36:06.0738 3692        PCI - ok
11:36:06.0738 3692        PCIDump - ok
11:36:06.0754 3692        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:36:06.0769 3692        PCIIde - ok
11:36:06.0785 3692        PCLEPCI        (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
11:36:06.0785 3692        PCLEPCI - ok
11:36:06.0801 3692        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:36:06.0801 3692        Pcmcia - ok
11:36:06.0816 3692        pcouffin        (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
11:36:06.0816 3692        pcouffin - ok
11:36:06.0832 3692        PDCOMP - ok
11:36:06.0832 3692        PDFRAME - ok
11:36:06.0832 3692        PDRELI - ok
11:36:06.0848 3692        PDRFRAME - ok
11:36:06.0848 3692        perc2 - ok
11:36:06.0848 3692        perc2hib - ok
11:36:06.0879 3692        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
11:36:06.0879 3692        PlugPlay - ok
11:36:06.0926 3692        Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
11:36:06.0926 3692        Pml Driver HPZ12 - ok
11:36:06.0957 3692        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:06.0957 3692        PolicyAgent - ok
11:36:07.0238 3692        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:36:07.0238 3692        PptpMiniport - ok
11:36:07.0238 3692        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:07.0238 3692        ProtectedStorage - ok
11:36:07.0301 3692        ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
11:36:16.0129 3692        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
11:36:16.0644 3692        \Device\Harddisk0\DR0 - ok
11:36:16.0644 3692        Boot (0x1200)  (e803142cb8ca80f6b994b557ce30a076) \Device\Harddisk0\DR0\Partition0
11:36:16.0644 3692        \Device\Harddisk0\DR0\Partition0 - ok
11:36:16.0676 3692        Boot (0x1200)  (fbaf61d6765a5a5a4985a74a24d08aae) \Device\Harddisk0\DR0\Partition1
11:36:16.0676 3692        \Device\Harddisk0\DR0\Partition1 - ok
11:36:16.0676 3692        ============================================================
11:36:16.0676 3692        Scan finished
11:36:16.0676 3692        ============================================================
11:36:16.0691 3952        Detected object count: 0
11:36:16.0691 3952        Actual detected object count: 0

Regards

cosinus 13.06.2012 15:48

Quote:

Hmm, now I'm a bit at a loss: the Malwarebytes log is supposed to be incomplete? I posted everything that was in the log, nothing is missing. I can gladly send you the TXT file.
Yes, something is missing from the header of the MBAM log.
And sorry, I think I only now understand that you didn't fix anything with the TDSS-Killer but with another tool, and only then did the TDSS-Killer run? :wtf:
Do you still have the log from that other tool?

robee 15.06.2012 08:04

Hello,

Thanks for your help,

I searched everywhere, but the tool from Symantec (FixTDSS) apparently doesn't create a log, so unfortunately it's not possible to post it.

Here is a new attempt to post the complete log file from Malwarebytes:

Code:


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.10.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Schedler-M :: MG-107315 [Administrator]

12.06.12 20:44:01
mbam-log-2012-06-12 (20-44-01).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 418716
Laufzeit: 1 Stunde(n), 23 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

I do want to be sure that I have nothing left on the computer. What would you recommend I do now?

Many thanks for your commitment.

Regards, Robee

cosinus 15.06.2012 14:56

You have already run ESET as well. Where is the log?

robee 18.06.2012 12:50

Hello Cosinus,

Attached is an ESET log,

Code:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=79c053dcc2cdfb4291e1caf02e194618
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-09 03:29:45
# local_time=2012-06-09 05:29:45 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1280 16777175 100 0 129267865 129267865 0 0
# compatibility_mode=8192 67108863 100 0 184 184 0 0
# scanned=218981
# found=10
# cleaned=10
# scan_time=5992
C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Temporary Internet Files\Content.IE5\MVCVWYDV\dasdasaseq[1].htm        JS/Kryptik.PH trojan (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Temporary Internet Files\Content.IE5\TRIMBSYH\firstload_com[1].htm        HTML/ScrInject.B.Gen virus (deleted - quarantined)        00000000000000000000000000000000        C
C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Temporary Internet Files\Content.IE5\TRIMBSYH\firstload_com[1].txt        HTML/ScrInject.B.Gen virus (deleted - quarantined)        00000000000000000000000000000000        C
C:\RECYCLER\S-1-5-21-1078081533-1957994488-839522115-1003\Dc17.tmp        Java/Exploit.CVE-2012-0507.AK trojan (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
C:\RECYCLER\S-1-5-21-1078081533-1957994488-839522115-1003\Dc18.tmp        Java/TrojanDownloader.OpenStream.NCV trojan (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
C:\RECYCLER\S-1-5-21-1078081533-1957994488-839522115-1003\Dc19.tmp        Java/TrojanDownloader.OpenStream.NCV trojan (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
D:\Download wichtig\CRC Killer\CRC-Killer.exe        Win32/Packed.Autoit.C.Gen application (deleted - quarantined)        00000000000000000000000000000000        C
Update failed (41217). Trying proxy mg-proxy8080
finished. ret_update=0 e_gle=0
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=79c053dcc2cdfb4291e1caf02e194618
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-18 10:58:01
# local_time=2012-06-18 12:58:01 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1280 16777175 100 0 130024076 130024076 0 0
# compatibility_mode=8192 67108863 100 0 756395 756395 0 0
# scanned=215988
# found=0
# cleaned=0
# scan_time=6729

Thanks for your help

cosinus 18.06.2012 14:23

Code:

D:\Download wichtig\CRC Killer\CRC-Killer.exe
What is that supposed to be? Source?

robee 18.06.2012 15:06

Hello Cosinus,

that was a program that helps when archives have a CRC error. It works with WinRAR and Zip.

Source: hxxp://www.perfectsoft.tk/Programme.php?n=CRC-Killer

Regards, Robee

cosinus 18.06.2012 15:56

Please make a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you don't already have it, please download OTL by OldTimer and save it to your desktop.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


robee 10.07.2012 08:10

Hello cosinus,

sorry for the delay, I was on a business trip.

Attached is the OTL log

OTL Logfile:
Code:

OTL logfile created on: 23.06.12 14:34:14 - Run 2
OTL by OldTimer - Version 3.2.48.0    Folder = C:\Dokumente und Einstellungen\*****-M\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yy
 
3,00 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 76,62% Memory free
4,84 Gb Paging File | 3,88 Gb Available in Paging File | 80,16% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 7,21 Gb Free Space | 14,77% Space Free | Partition Type: NTFS
Drive D: | 100,22 Gb Total Space | 26,12 Gb Free Space | 26,07% Space Free | Partition Type: NTFS
 
Computer Name: MG-107315 | User Name: *****-M | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\*****-M\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Canon\Solution Menu EX\CNSEUPDT.EXE (CANON INC.)
PRC - C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
PRC - C:\Programme\Pc Camera\3288.exe (Microsoft)
PRC - C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
PRC - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe ()
PRC - C:\WINDOWS\Runservice.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Client Security Solution\password_manager.exe (Lenovo Group Limited)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Programme\ThinkPad\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab)
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\WINDOWS\system32\TpKmpSvc.exe ()
PRC - C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc)
PRC - C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.)
PRC - C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\nwtray.exe (Novell, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\WINDOWS\system32\nview.dll ()
MOD - C:\WINDOWS\system32\nvshell.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe ()
MOD - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\K2NPROXY.dll ()
MOD - C:\WINDOWS\mmfs.dll ()
MOD - C:\WINDOWS\Runservice.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\ThinkPad\Utilities\PWRMGRIF.DLL ()
MOD - C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\WINDOWS\system32\PSIService.exe ()
MOD - C:\WINDOWS\system32\TpKmpSvc.exe ()
MOD - C:\WINDOWS\system32\nwshlxnt.dll ()
MOD - C:\WINDOWS\system32\nls\DEUTSCH\nwshlxnr.dll ()
MOD - C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\libeay32.dll ()
MOD - C:\Programme\Adobe\Acrobat 6.0\Distillr\AdistRes.DEU ()
MOD - C:\WINDOWS\system32\HPBHEALR.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (jsenujoft) -- C:\WINDOWS\system32\zxjaux.dll File not found
SRV - (bxlst) -- C:\WINDOWS\system32\zxjaux.dll File not found
SRV - (bpsyorcy) -- C:\WINDOWS\system32\zxjaux.dll File not found
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TPHKLOAD) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV - (LENOVO.MICMUTE) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
SRV - (SUService) -- C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
SRV - (LicCtrlService) -- C:\WINDOWS\Runservice.exe ()
SRV - (Macromedia Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (TVT Scheduler) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (klnagent) -- C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (cusrvc) -- C:\WINDOWS\system32\cusrvc.exe (Novell, Inc.)
SRV - (TpKmpSVC) -- C:\WINDOWS\system32\TpKmpSvc.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (lenovo.smi) -- C:\WINDOWS\system32\drivers\smiif32.sys (Lenovo Group Limited)
DRV - (usbcamcl) -- C:\WINDOWS\system32\drivers\usbcamcl.sys (usb camera)
DRV - (TSP) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (cdrblock) -- C:\WINDOWS\system32\drivers\cdrblock.sys (Canopus Co,. Ltd.)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS ()
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.)
DRV - (zebrsce) -- C:\WINDOWS\system32\drivers\zebrsce.sys (MCCI)
DRV - (zebrmdmc) Sony Ericsson mRouter Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdmc.sys (MCCI)
DRV - (zebrmdm) Sony Ericsson Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdm.sys (MCCI)
DRV - (zebrmdfl) -- C:\WINDOWS\system32\drivers\zebrmdfl.sys (MCCI Corporation)
DRV - (zebrbus) -- C:\WINDOWS\system32\drivers\zebrbus.sys (MCCI)
DRV - (zebrceb) Sony Ericsson Cable Emulation Bus (WDM) -- C:\WINDOWS\system32\drivers\zebrceb.sys (MCCI)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (NetwareWorkstation) -- C:\WINDOWS\system32\NetWare\nwfs.sys (Novell, Inc.)
DRV - (NWDNS) -- C:\WINDOWS\system32\NetWare\nwdns.sys (Novell, Inc.)
DRV - (SRVLOC) -- C:\WINDOWS\system32\NetWare\srvloc.sys (Novell, Inc.)
DRV - (NICM) -- C:\WINDOWS\system32\drivers\nicm.sys (Novell, Inc.)
DRV - (NWDHCP) -- C:\WINDOWS\system32\NetWare\nwdhcp.sys (Novell, Inc.)
DRV - (NWSIPX32) -- C:\WINDOWS\system32\NetWare\nwsipx32.sys (Novell, Inc.)
DRV - (NWHOST) -- C:\WINDOWS\system32\NetWare\nwhost.sys (Novell, Inc.)
DRV - (NWSNS) -- C:\WINDOWS\system32\NetWare\nwsns.sys (Novell, Inc.)
DRV - (NWFILTER) -- C:\WINDOWS\system32\NetWare\nwfilter.sys (Novell, Inc.)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (NWSLP) -- C:\WINDOWS\system32\NetWare\nwslp.sys (Novell, Inc.)
DRV - (RESMGR) -- C:\WINDOWS\system32\NetWare\resmgr.sys (Novell, Inc.)
DRV - (ASAPIW2k) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (Pinnacle Systems GmbH)
DRV - (NWSAP) -- C:\WINDOWS\system32\NetWare\nwsap.sys ()
DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 172.19.*.*;172.16.16.*;80.146.166.*;<local>
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ftp=proxyserver:21;gopher=proxyserver:8080;http=proxyserver:8080;https=proxyserver:8080
 
 
IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ds-technologie.de/
IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 51 BA 3B 0B 7C CA 01  [binary data]
IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\SearchScopes,DefaultScope = {6221EBD2-4870-4CC4-9778-E6576CED9E43}
IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\SearchScopes\{6221EBD2-4870-4CC4-9778-E6576CED9E43}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIT_de
IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = mg-proxy:8080
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..network.proxy.backup.ftp: "mg-proxy"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "mg-proxy"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "mg-proxy"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "mg-proxy"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "mg-proxy"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "mg-proxy"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "mg-proxy"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.socks: "mg-proxy"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "mg-proxy"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.19 11:10:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.03.19 11:10:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Programme\Lenovo\Client Security Solution\PWM Firefox Extension [2008.05.07 16:08:41 | 000,000,000 | ---D | M]
 
[2009.04.16 13:11:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla\Extensions
[2008.05.28 21:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.05.08 09:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions
[2011.06.29 10:18:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.19 11:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.07 09:31:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.24 00:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Programme\mozilla firefox\plugins\npdjvu.dll
[2003.09.04 14:37:44 | 000,892,928 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\NPSWF32.dll
[2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  File not found
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} -  File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -  File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -  File not found
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -  File not found
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -  File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  File not found
O3 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  File not found
O3 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  File not found
O4 - HKLM..\Run: [3288] C:\Programme\Pc Camera\3288.exe (Microsoft)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [iPCCheck] C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LPMailChecker] C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NexusServer] C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PSQLLauncher] C:\Programme\ThinkVantage Fingerprint Software\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003..\Run: [iecfgRpl] rundll32.exe "C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\iecfgRpl\SecurityMapServ.dll", appMapTrust msWebnt5 File not found
O4 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003..\Run: [SkypePM] C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Skype\SkypePM.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save page in SuperOffice - C:\Programme\SuperOffice\SoIeExtensions.dll (SuperOffice AS)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-1078081533-1957994488-839522115-1003\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} https://photoservice.fujicolor.de/ips-opdata/objects/jordan-canvasx.cab (JordanUploader Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209556674671 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = starrag.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{007E9E8C-277D-49B5-8454-B8FE8ED9DCD8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\adialhk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\WINDOWS\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\psfus: DllName - (C:\WINDOWS\system32\psqlpwd.dll) - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.30 15:52:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell - "" = AutoRun
O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{8a22bd91-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\StartPortableApps.exe
O33 - MountPoints2\{8a22bdf9-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\pstart.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: bxlst - C:\WINDOWS\system32\zxjaux.dll File not found
NetSvcs: bpsyorcy - C:\WINDOWS\system32\zxjaux.dll File not found
NetSvcs: jsenujoft - C:\WINDOWS\system32\zxjaux.dll File not found
 
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: PC Suite for Smartphones - hkey= - key= - C:\Programme\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WdfLoadGroup -
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WdfLoadGroup -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.CDV5 - C:\WINDOWS\System32\cdv5codc.dll (Canopus Co., Ltd.)
Drivers32: vidc.CDVC - C:\WINDOWS\System32\cdvccodc.dll (Canopus Co., Ltd.)
Drivers32: vidc.CDVH - C:\WINDOWS\System32\cdvhcodc.dll (Canopus Co., Ltd.)
Drivers32: vidc.CLLC - C:\WINDOWS\System32\cllccodc.dll (Canopus Co., Ltd.)
Drivers32: vidc.CMIC - C:\WINDOWS\System32\cmiccodc.dll (Thomson Canopus Co., Ltd.)
Drivers32: vidc.CUVC - C:\WINDOWS\System32\cuvccodc.dll (Canopus Co., Ltd.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: vidc.pDAD - C:\WINDOWS\System32\prodad-codec.dll (proDAD GmbH)
Drivers32: VIDC.PIM1 - C:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.19 14:46:37 | 000,000,000 | ---D | C] -- C:\StarragHeckert
[2012.06.19 14:46:16 | 000,000,000 | ---D | C] -- C:\VDW Kommunikationsausschuss
[2012.06.11 09:16:49 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.06.10 13:38:57 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\*****-M\Desktop\TDSSKiller.exe
[2012.06.10 13:19:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.06.10 13:16:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*****-M\Desktop\OTL.exe
[2012.06.09 15:46:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.06.08 10:53:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****-M\Startmenü\Programme\Google Chrome
[2012.06.08 10:48:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\Deployment
[2012.06.04 14:28:33 | 000,000,000 | ---D | C] -- C:\IMTS 2012
[2012.06.02 15:28:06 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenuEX
[2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX2
[2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonEPP
[2012.06.02 15:27:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canon
[2012.06.02 15:27:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter
[2012.06.02 15:17:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM
[2012.06.02 15:15:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canon IJ Network Tool
[2012.06.02 15:14:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\medias
[2012.06.02 15:14:04 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJFAX
[2012.06.02 15:12:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Benutzerregistrierung
[2012.06.02 15:09:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\CANON
[2012.06.02 15:09:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJWSpt
[2012.06.02 15:05:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon Utilities
[2012.06.02 15:04:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Manual
[2012.06.02 15:03:05 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2012.06.02 15:02:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2012.06.02 15:02:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series
[2012.06.02 15:02:01 | 000,000,000 | -H-D | C] -- C:\Programme\CanonBJ
[2012.06.02 15:01:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.23 14:40:03 | 272,104,480 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2012.06.23 14:40:02 | 010,434,592 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2012.06.23 14:28:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.23 14:16:53 | 000,168,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012.06.23 13:54:00 | 000,001,230 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job
[2012.06.23 13:28:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.23 13:27:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012.06.23 10:54:00 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job
[2012.06.23 10:16:26 | 000,185,449 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.06.23 10:16:19 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2012.06.23 10:15:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.23 10:15:37 | 000,001,977 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2012.06.23 10:15:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.23 10:15:09 | 3219,435,520 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.22 22:41:32 | 003,659,660 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2012.06.22 22:41:32 | 000,991,676 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2012.06.22 20:16:49 | 000,000,184 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2012.06.22 11:39:36 | 000,168,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2012.06.22 08:17:29 | 000,001,004 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012.06.18 11:12:05 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.06.15 09:27:27 | 000,001,168 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Calendar.lnk
[2012.06.15 08:13:28 | 000,444,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.14 23:13:09 | 000,453,030 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.14 23:13:09 | 000,436,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.14 23:13:09 | 000,081,810 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.14 23:13:09 | 000,068,976 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.14 23:08:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.06.14 13:50:47 | 000,008,790 | RHS- | M] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2012.06.10 13:18:24 | 002,108,959 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Desktop\tdsskiller.zip
[2012.06.10 13:16:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*****-M\Desktop\OTL.exe
[2012.06.02 15:09:09 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk
[2012.06.02 15:04:40 | 000,001,935 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk
 
========== Files Created - No Company Name ==========
 
[2012.06.15 09:27:27 | 000,001,168 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Calendar.lnk
[2012.06.10 13:18:17 | 002,108,959 | ---- | C] () -- C:\Dokumente und Einstellungen\*****-M\Desktop\tdsskiller.zip
[2012.06.10 13:08:47 | 3219,435,520 | -HS- | C] () -- C:\hiberfil.sys
[2012.06.08 10:49:47 | 000,001,230 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job
[2012.06.08 10:49:46 | 000,001,178 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job
[2012.06.02 15:14:15 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CNC175ED.TBL
[2012.06.02 15:09:09 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk
[2012.06.02 15:04:40 | 000,001,935 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk
[2012.05.23 10:34:01 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.17 09:19:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.20 21:13:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\*****-M\Lokale Einstellungen\Anwendungsdaten\{CE2EE4B6-4EE3-456B-A851-2F4B01E978E5}
[2011.03.01 10:16:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\SoIds.ini
[2011.03.01 10:13:07 | 000,000,041 | ---- | C] () -- C:\WINDOWS\souser.ini
[2011.02.20 13:40:56 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.02.17 20:55:33 | 000,038,469 | ---- | C] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR
[2011.01.26 09:42:20 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CmdFile.INI
[2011.01.17 15:12:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2010.08.24 12:00:16 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\CoUninstall.dll
[2010.08.24 11:35:45 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.24 11:24:39 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\camera.ini
[2010.07.07 13:37:54 | 000,155,700 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.DLL
 
========== LOP Check ==========
 
[2008.05.05 15:56:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Lenovo
[2008.05.07 11:18:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\administrator\Anwendungsdaten\Lenovo
[2008.05.07 11:18:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\administrator\Anwendungsdaten\Teleca
[2012.06.02 15:15:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canon IJ Network Tool
[2012.06.02 15:03:05 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2012.06.02 15:27:59 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonEPP
[2012.06.02 15:27:59 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX2
[2012.06.02 15:14:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJFAX
[2012.06.02 15:27:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter
[2012.06.02 16:00:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM
[2012.06.02 15:28:06 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenuEX
[2012.06.02 15:09:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJWSpt
[2010.04.13 11:54:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canopus
[2012.05.20 12:06:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2010.02.27 11:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Grass Valley
[2011.03.31 13:40:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lenovo
[2008.05.05 13:09:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2008.05.05 13:06:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SmartSound Software Inc
[2008.05.06 15:43:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Teleca
[2008.04.30 13:00:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UIB
[2010.02.12 11:12:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\vsosdk
[2011.06.09 21:12:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.02.09 10:50:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\.oit
[2010.01.10 18:24:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AnvSoft
[2010.05.07 09:37:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AudioMoves
[2010.01.10 19:20:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\avidemux
[2012.06.02 15:27:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canon
[2010.04.13 09:43:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canopus
[2010.04.02 20:42:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Digiarty
[2011.11.07 21:57:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular
[2008.05.18 17:05:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Haenlein-Software
[2011.06.30 21:34:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Imaxel
[2008.05.05 21:08:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\K9
[2011.03.31 13:50:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Lenovo
[2010.05.07 09:01:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mp3tag
[2008.05.05 15:20:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\OfficeUpdate12
[2010.02.25 11:50:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\proDAD
[2009.12.22 18:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\ProtectDisc
[2011.04.20 11:12:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\SOGroupWiseLink
[2010.01.22 16:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\TeamViewer
[2008.05.07 08:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Teleca
[2010.02.12 12:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Vso
[2011.08.12 10:11:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\XMedia Recode
[2012.06.23 10:16:19 | 000,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.02.09 10:50:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\.oit
[2008.05.08 09:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Adobe
[2008.09.21 17:31:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AdobeUM
[2010.01.10 18:24:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AnvSoft
[2012.01.01 20:14:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Apple Computer
[2010.05.07 09:37:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\AudioMoves
[2010.01.10 19:20:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\avidemux
[2012.06.02 15:27:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canon
[2010.04.13 09:43:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Canopus
[2012.06.22 08:17:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Corel
[2010.04.02 20:42:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Digiarty
[2012.02.16 12:13:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\dvdcss
[2011.11.07 21:57:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular
[2011.02.08 13:38:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Google
[2008.05.18 17:05:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Haenlein-Software
[2008.06.24 12:55:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Help
[2008.04.30 16:36:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Identities
[2011.06.30 21:34:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Imaxel
[2008.05.07 09:42:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\InstallShield
[2008.05.05 21:08:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\K9
[2011.03.31 13:50:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Lenovo
[2008.05.07 09:46:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Logitech
[2010.06.23 09:24:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Macromedia
[2012.05.04 18:35:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Malwarebytes
[2011.11.10 13:48:25 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Microsoft
[2008.05.28 21:01:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mozilla
[2010.05.07 09:01:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Mp3tag
[2008.05.05 15:20:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\OfficeUpdate12
[2010.02.25 11:50:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\proDAD
[2009.12.22 18:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\ProtectDisc
[2008.05.21 13:12:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Real
[2011.12.07 15:31:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Skype
[2011.12.07 09:29:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\skypePM
[2011.04.20 11:12:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\SOGroupWiseLink
[2008.05.06 15:43:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Sony Ericsson
[2008.05.18 19:49:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Sun
[2010.01.22 16:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\TeamViewer
[2008.05.07 08:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Teleca
[2009.10.13 08:23:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3
[2012.06.13 11:42:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\vlc
[2010.02.12 12:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Vso
[2010.07.24 14:36:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\WinRAR
[2011.08.12 10:11:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\XMedia Recode
 
< %APPDATA%\*.exe /s >
[2010.02.12 10:23:20 | 000,087,608 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\inst.exe
[2008.08.19 08:38:28 | 015,919,168 | ---- | M] (Adobe Systems Inc                                          ) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Adobe\Acrobat\6.0\Updater\Ac60PrP1.exe
[2012.05.20 12:06:15 | 006,220,536 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\install_eur11.exe
[2012.05.20 12:06:34 | 005,924,512 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\install_gst11.exe
[2012.05.20 12:06:52 | 005,358,992 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\install_ust11.exe
[2012.02.09 19:40:01 | 004,939,152 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\install_ustva12.exe
[2012.05.20 12:07:08 | 004,782,000 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_dfv_10_7094_8623.exe
[2012.05.20 12:07:25 | 004,780,824 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_dfv_11_7094_8623.exe
[2012.05.20 12:07:44 | 004,882,440 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_eur_09_7094_8623.exe
[2012.05.20 12:08:03 | 004,892,792 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_eur_10_7094_8623.exe
[2012.05.20 12:09:21 | 004,809,616 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_gstz_09_7094_8623.exe
[2012.05.20 12:09:40 | 004,810,128 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_gstz_10_7094_8623.exe
[2012.05.20 12:08:31 | 004,817,040 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_gst_09_7094_8623.exe
[2012.05.20 12:08:54 | 004,813,680 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_gst_10_7094_8623.exe
[2012.05.20 12:09:58 | 004,798,488 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_lsta_10_7094_8623.exe
[2012.05.20 12:10:15 | 004,799,024 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_lsta_11_7094_8623.exe
[2012.05.20 12:10:33 | 004,863,224 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_lstb_10_7094_8623.exe
[2012.05.20 12:10:53 | 004,874,792 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_lstb_11_7094_8623.exe
[2012.05.20 12:11:14 | 005,208,440 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_par34a_09_7094_8623.exe
[2012.05.20 12:11:35 | 005,211,920 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_par34a_10_7094_8623.exe
[2012.02.09 19:49:32 | 012,718,200 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_pica_0_7094_8086.exe
[2012.05.20 12:05:36 | 007,941,880 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_pica_0_8086_8623.exe
[2012.05.20 12:12:30 | 004,812,784 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ustva_10_7094_8623.exe
[2012.05.20 12:12:49 | 004,832,384 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ustva_11_7094_8623.exe
[2012.05.20 12:13:08 | 004,729,800 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ustva_12_8086_8623.exe
[2012.05.20 12:11:54 | 004,835,224 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ust_09_7094_8623.exe
[2012.05.20 12:12:13 | 004,846,696 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\pluginmanager\tmp\update_ust_10_7094_8623.exe
[2011.11.07 21:49:29 | 011,250,312 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\elsterformular\update\ElsterFormular_update-12_3_2_6814u.exe
[2010.04.12 19:26:19 | 000,029,184 | R--- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
[2010.12.15 14:40:11 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2008.05.28 21:09:09 | 018,878,872 | ---- | M] (TomTom International B.V.) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\TomTom\HOME\Profiles\0i55q4cq.default\Updates\v2_3_1_92_win.exe
[2009.05.27 09:48:09 | 019,165,248 | ---- | M] (TomTom International B.V.) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\TomTom\HOME\Profiles\0i55q4cq.default\Updates\v2_6_2_1586_win.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3\1738311B2CC3658F\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3\1738311B2CC3658F\Launchpad Removal.exe
[2008.05.04 16:02:26 | 004,603,904 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3\1738311B2CC3658F\LaunchPad.exe
[2007.10.23 09:44:48 | 000,054,584 | ---- | M] () -- C:\Dokumente und Einstellungen\*****-M\Anwendungsdaten\U3\1738311B2CC3658F\U3AccessGrant.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007.02.08 23:42:28 | 000,024,064 | ---- | M] () -- C:\fat32format.exe
 
< MD5 for: AGP440.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.05.20 08:38:45 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.05.20 08:38:45 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.05.20 08:38:45 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.05.20 08:38:45 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2007.08.14 15:57:16 | 000,033,280 | ---- | M] (UPEK Inc.) MD5=0E7DFE44AAA02A1F523CD4180A443C30 -- C:\Programme\ThinkVantage Fingerprint Software\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.04.30 17:36:53 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.04.30 17:36:53 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.04.30 17:36:53 | 000,458,752 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<          >

< End of report >

--- --- ---
[/code]

And here is the log after the custom scan:

OTL Logfile:
Code:

OTL logfile created on: 23.06.12 10:39:37 - Run 2
OTL by OldTimer - Version 3.2.48.0    Folder = C:\Dokumente und Einstellungen\******-M\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yy
 
3,00 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 75,39% Memory free
4,84 Gb Paging File | 3,84 Gb Available in Paging File | 79,43% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 7,21 Gb Free Space | 14,76% Space Free | Partition Type: NTFS
Drive D: | 100,22 Gb Total Space | 26,12 Gb Free Space | 26,07% Space Free | Partition Type: NTFS
 
Computer Name: MG-107315 | User Name: ******-M | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\******-M\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Canon\Solution Menu EX\CNSEUPDT.EXE (CANON INC.)
PRC - C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
PRC - C:\Programme\Pc Camera\3288.exe (Microsoft)
PRC - C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
PRC - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe ()
PRC - C:\WINDOWS\Runservice.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Client Security Solution\password_manager.exe (Lenovo Group Limited)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Programme\ThinkPad\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab)
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\WINDOWS\system32\TpKmpSvc.exe ()
PRC - C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc)
PRC - C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.)
PRC - C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\nwtray.exe (Novell, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\WINDOWS\system32\nview.dll ()
MOD - C:\WINDOWS\system32\nvshell.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe ()
MOD - C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\K2NPROXY.dll ()
MOD - C:\WINDOWS\mmfs.dll ()
MOD - C:\WINDOWS\Runservice.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\ThinkPad\Utilities\PWRMGRIF.DLL ()
MOD - C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\WINDOWS\system32\PSIService.exe ()
MOD - C:\WINDOWS\system32\TpKmpSvc.exe ()
MOD - C:\WINDOWS\system32\nwshlxnt.dll ()
MOD - C:\WINDOWS\system32\nls\DEUTSCH\nwshlxnr.dll ()
MOD - C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\libeay32.dll ()
MOD - C:\Programme\Adobe\Acrobat 6.0\Distillr\AdistRes.DEU ()
MOD - C:\WINDOWS\system32\HPBHEALR.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (jsenujoft) -- C:\WINDOWS\system32\zxjaux.dll File not found
SRV - (bxlst) -- C:\WINDOWS\system32\zxjaux.dll File not found
SRV - (bpsyorcy) -- C:\WINDOWS\system32\zxjaux.dll File not found
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TPHKLOAD) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV - (LENOVO.MICMUTE) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
SRV - (SUService) -- C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
SRV - (LicCtrlService) -- C:\WINDOWS\Runservice.exe ()
SRV - (Macromedia Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (TVT Scheduler) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (klnagent) -- C:\Programme\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (cusrvc) -- C:\WINDOWS\system32\cusrvc.exe (Novell, Inc.)
SRV - (TpKmpSVC) -- C:\WINDOWS\system32\TpKmpSvc.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (lenovo.smi) -- C:\WINDOWS\system32\drivers\smiif32.sys (Lenovo Group Limited)
DRV - (usbcamcl) -- C:\WINDOWS\system32\drivers\usbcamcl.sys (usb camera)
DRV - (TSP) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (cdrblock) -- C:\WINDOWS\system32\drivers\cdrblock.sys (Canopus Co,. Ltd.)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS ()
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.)
DRV - (zebrsce) -- C:\WINDOWS\system32\drivers\zebrsce.sys (MCCI)
DRV - (zebrmdmc) Sony Ericsson mRouter Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdmc.sys (MCCI)
DRV - (zebrmdm) Sony Ericsson Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdm.sys (MCCI)
DRV - (zebrmdfl) -- C:\WINDOWS\system32\drivers\zebrmdfl.sys (MCCI Corporation)
DRV - (zebrbus) -- C:\WINDOWS\system32\drivers\zebrbus.sys (MCCI)
DRV - (zebrceb) Sony Ericsson Cable Emulation Bus (WDM) -- C:\WINDOWS\system32\drivers\zebrceb.sys (MCCI)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (NetwareWorkstation) -- C:\WINDOWS\system32\NetWare\nwfs.sys (Novell, Inc.)
DRV - (NWDNS) -- C:\WINDOWS\system32\NetWare\nwdns.sys (Novell, Inc.)
DRV - (SRVLOC) -- C:\WINDOWS\system32\NetWare\srvloc.sys (Novell, Inc.)
DRV - (NICM) -- C:\WINDOWS\system32\drivers\nicm.sys (Novell, Inc.)
DRV - (NWDHCP) -- C:\WINDOWS\system32\NetWare\nwdhcp.sys (Novell, Inc.)
DRV - (NWSIPX32) -- C:\WINDOWS\system32\NetWare\nwsipx32.sys (Novell, Inc.)
DRV - (NWHOST) -- C:\WINDOWS\system32\NetWare\nwhost.sys (Novell, Inc.)
DRV - (NWSNS) -- C:\WINDOWS\system32\NetWare\nwsns.sys (Novell, Inc.)
DRV - (NWFILTER) -- C:\WINDOWS\system32\NetWare\nwfilter.sys (Novell, Inc.)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (NWSLP) -- C:\WINDOWS\system32\NetWare\nwslp.sys (Novell, Inc.)
DRV - (RESMGR) -- C:\WINDOWS\system32\NetWare\resmgr.sys (Novell, Inc.)
DRV - (ASAPIW2k) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (Pinnacle Systems GmbH)
DRV - (NWSAP) -- C:\WINDOWS\system32\NetWare\nwsap.sys ()
DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ds-technologie.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 51 BA 3B 0B 7C CA 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6221EBD2-4870-4CC4-9778-E6576CED9E43}
IE - HKCU\..\SearchScopes\{6221EBD2-4870-4CC4-9778-E6576CED9E43}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIT_de
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = mg-proxy:8080
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..network.proxy.backup.ftp: "mg-proxy"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "mg-proxy"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "mg-proxy"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "mg-proxy"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "mg-proxy"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "mg-proxy"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "mg-proxy"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.socks: "mg-proxy"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "mg-proxy"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.19 11:10:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.03.19 11:10:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Programme\Lenovo\Client Security Solution\PWM Firefox Extension [2008.05.07 16:08:41 | 000,000,000 | ---D | M]
 
[2009.04.16 13:11:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Mozilla\Extensions
[2008.05.28 21:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.05.08 09:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions
[2011.06.29 10:18:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Mozilla\Firefox\Profiles\lxr297nk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.19 11:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.07 09:31:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.24 00:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Programme\mozilla firefox\plugins\npdjvu.dll
[2003.09.04 14:37:44 | 000,892,928 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\NPSWF32.dll
[2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  File not found
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} -  File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -  File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -  File not found
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -  File not found
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -  File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  File not found
O4 - HKLM..\Run: [3288] C:\Programme\Pc Camera\3288.exe (Microsoft)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [iPCCheck] C:\Programme\T-Online\T-Online Internationaler Zugang\downloader\ipccheck.exe (iPass Inc)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LPMailChecker] C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NexusServer] C:\Programme\Gemeinsame Dateien\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PSQLLauncher] C:\Programme\ThinkVantage Fingerprint Software\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKCU..\Run: [iecfgRpl] rundll32.exe "C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\iecfgRpl\SecurityMapServ.dll", appMapTrust msWebnt5 File not found
O4 - HKCU..\Run: [SkypePM] C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Skype\SkypePM.exe File not found
O4 - HKCU..\Run: [TomTomHOME.exe] "C:\Programme\TomTom HOME 2\HOMERunner.exe" File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save page in SuperOffice - C:\Programme\SuperOffice\SoIeExtensions.dll (SuperOffice AS)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Programme\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: SuperOror - {CC88D81F-6166-4F46-AC89-B75CD9CEB292} - Reg Error: Key error. File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} https://photoservice.fujicolor.de/ips-opdata/objects/jordan-canvasx.cab (JordanUploader Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209556674671 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = starrag.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{007E9E8C-277D-49B5-8454-B8FE8ED9DCD8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\adialhk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\WINDOWS\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\psfus: DllName - (C:\WINDOWS\system32\psqlpwd.dll) - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.30 15:52:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0074100d-2ce7-11dd-ab94-001e4cdace2a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe
O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell - "" = AutoRun
O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1b0b19cb-40af-11e0-907b-001e4cdace2a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{8a22bd91-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\StartPortableApps.exe
O33 - MountPoints2\{8a22bdf9-90c2-11de-b971-001e4cdace2a}\Shell\AutoRun\command - "" = F:\pstart.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.19 14:46:37 | 000,000,000 | ---D | C] -- C:\StarragHeckert
[2012.06.19 14:46:16 | 000,000,000 | ---D | C] -- C:\VDW Kommunikationsausschuss
[2012.06.14 19:10:25 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012.06.11 09:16:49 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.06.10 13:38:57 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\******-M\Desktop\TDSSKiller.exe
[2012.06.10 13:19:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.06.10 13:16:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******-M\Desktop\OTL.exe
[2012.06.09 15:46:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.06.08 10:53:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******-M\Startmenü\Programme\Google Chrome
[2012.06.08 10:48:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\Deployment
[2012.06.04 14:28:33 | 000,000,000 | ---D | C] -- C:\IMTS 2012
[2012.06.02 15:28:06 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenuEX
[2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX2
[2012.06.02 15:27:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonEPP
[2012.06.02 15:27:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Canon
[2012.06.02 15:27:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter
[2012.06.02 15:17:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM
[2012.06.02 15:15:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canon IJ Network Tool
[2012.06.02 15:14:16 | 000,337,920 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZC.dll
[2012.06.02 15:14:16 | 000,122,880 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZU.dll
[2012.06.02 15:14:16 | 000,107,520 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZI.dll
[2012.06.02 15:14:15 | 000,424,448 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC_AZL.dll
[2012.06.02 15:14:15 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2012.06.02 15:14:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\medias
[2012.06.02 15:14:04 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJFAX
[2012.06.02 15:12:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Benutzerregistrierung
[2012.06.02 15:09:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\CANON
[2012.06.02 15:09:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJWSpt
[2012.06.02 15:05:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon Utilities
[2012.06.02 15:04:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series Manual
[2012.06.02 15:03:08 | 000,257,536 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNCALAZ.DLL
[2012.06.02 15:03:05 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2012.06.02 15:02:51 | 000,311,296 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMAZ.DLL
[2012.06.02 15:02:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2012.06.02 15:02:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon MX890 series
[2012.06.02 15:02:27 | 000,184,832 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIUAZ.DLL
[2012.06.02 15:02:01 | 000,000,000 | -H-D | C] -- C:\Programme\CanonBJ
[2012.06.02 15:01:30 | 000,363,520 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPPM.DLL
[2012.06.02 15:01:30 | 000,035,840 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPUI.DLL
[2012.06.02 15:01:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.23 10:38:31 | 272,100,896 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2012.06.23 10:28:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.23 10:26:04 | 010,434,080 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2012.06.23 10:16:37 | 000,168,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012.06.23 10:16:26 | 000,185,449 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.06.23 10:16:19 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2012.06.23 10:15:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.23 10:15:45 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.23 10:15:37 | 000,001,977 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2012.06.23 10:15:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.23 10:15:09 | 3219,435,520 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.22 22:41:32 | 003,659,660 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2012.06.22 22:41:32 | 000,991,676 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2012.06.22 21:54:00 | 000,001,230 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job
[2012.06.22 20:16:49 | 000,000,184 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2012.06.22 11:39:36 | 000,168,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2012.06.22 10:54:00 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job
[2012.06.22 08:17:29 | 000,001,004 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012.06.20 13:27:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012.06.18 11:12:05 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.06.15 09:27:27 | 000,001,168 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Calendar.lnk
[2012.06.15 08:13:28 | 000,444,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.14 23:13:09 | 000,453,030 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.14 23:13:09 | 000,436,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.14 23:13:09 | 000,081,810 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.14 23:13:09 | 000,068,976 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.14 23:08:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.06.14 13:50:47 | 000,008,790 | RHS- | M] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2012.06.10 13:18:24 | 002,108,959 | ---- | M] () -- C:\Dokumente und Einstellungen\******-M\Desktop\tdsskiller.zip
[2012.06.10 13:16:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\******-M\Desktop\OTL.exe
[2012.06.02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2012.06.02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2012.06.02 15:19:38 | 000,219,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2012.06.02 15:19:38 | 000,210,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2012.06.02 15:19:38 | 000,015,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2012.06.02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2012.06.02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2012.06.02 15:19:34 | 000,053,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2012.06.02 15:19:34 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2012.06.02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2012.06.02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2012.06.02 15:19:28 | 000,023,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2012.06.02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2012.06.02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2012.06.02 15:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2012.06.02 15:18:58 | 000,275,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2012.06.02 15:18:58 | 000,018,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2012.06.02 15:09:09 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk
[2012.06.02 15:04:40 | 000,001,935 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk
[2012.05.31 15:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
 
========== Files Created - No Company Name ==========
 
[2012.06.15 09:27:27 | 000,001,168 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Calendar.lnk
[2012.06.10 13:18:17 | 002,108,959 | ---- | C] () -- C:\Dokumente und Einstellungen\******-M\Desktop\tdsskiller.zip
[2012.06.10 13:08:47 | 3219,435,520 | -HS- | C] () -- C:\hiberfil.sys
[2012.06.08 10:49:47 | 000,001,230 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003UA.job
[2012.06.08 10:49:46 | 000,001,178 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1957994488-839522115-1003Core.job
[2012.06.02 15:14:15 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CNC175ED.TBL
[2012.06.02 15:09:09 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon Solution Menu EX.lnk
[2012.06.02 15:04:40 | 000,001,935 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Canon MX890 series Online-Handbuch.lnk
[2012.05.23 10:34:01 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.17 09:19:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.20 21:13:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\******-M\Lokale Einstellungen\Anwendungsdaten\{CE2EE4B6-4EE3-456B-A851-2F4B01E978E5}
[2011.03.01 10:16:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\SoIds.ini
[2011.03.01 10:13:07 | 000,000,041 | ---- | C] () -- C:\WINDOWS\souser.ini
[2011.02.20 13:40:56 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.02.17 20:55:33 | 000,038,469 | ---- | C] () -- C:\Dokumente und Einstellungen\******-M\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR
[2011.01.26 09:42:20 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CmdFile.INI
[2011.01.17 15:12:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2010.08.24 12:00:16 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\CoUninstall.dll
[2010.08.24 11:35:45 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.24 11:24:39 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\camera.ini
[2010.07.07 13:37:54 | 000,155,700 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.DLL

< End of report >

--- --- ---
[/code]


A thousand thanks for your help.

Greets Robee

cosinus 10.07.2012 12:53

adwCleaner - Detecting toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

robee 10.07.2012 19:09

Hello Arne,

attached is the TXT file

Code:

# AdwCleaner v1.701 - Logfile created 07/10/2012 at 20:04:17
# Updated 02/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User :******-M - MG-107315
# Running from : C:\Dokumente und Einstellungen\******-M\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Conduit

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{38EE5CEE-4B62-11D3-854F-00A0C9C898E7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8D670533-270B-4549-B19B-414FB9C6EBDB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [1049 octets] - [10/07/2012 20:04:17]

########## EOF - C:\AdwCleaner[R1].txt - [1177 octets] ##########

A thousand thanks, Robee


All times are given in WET +1.
