Trojaner-Board - Trojaner clickcompare entfernen

Hey t'john,
erstmal herzlichen Dank für deine Antwort!

1.: Hier die AdwCleanerergebnisse:AdwCleaner Logfile:

Code:

# AdwCleaner v2.112 - Datei am 11/02/2013 um 21:23:10 erstellt

# Aktualisiert am 10/02/2013 von Xplode

# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)

# Benutzer : Janna - YOUR-2D1ABB0973

# Bootmodus : Normal

# Ausgeführt unter : C:\Dokumente und Einstellungen\Janna\Desktop\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Datei Gelöscht : C:\Programme\Mozilla FireFox\searchplugins\fast.xml

Gelöscht mit Neustart : C:\Dokumente und Einstellungen\Janna\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj

Ordner Gelöscht : C:\DOKUME~1\Janna\LOKALE~1\Temp\AskSearch

Ordner Gelöscht : C:\DOKUME~1\Janna\LOKALE~1\Temp\boost_interprocess

Ordner Gelöscht : C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Mozilla\Firefox\Profiles\6o7p0wv8.default\extensions\crossriderapp4479@crossrider.com

Ordner Gelöscht : C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\OpenCandy

Ordner Gelöscht : C:\Dokumente und Einstellungen\Janna\Lokale Einstellungen\Anwendungsdaten\Giant Savings

Ordner Gelöscht : C:\Programme\Giant Savings
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\Cr_Installer

Schlüssel Gelöscht : HKCU\Software\Crossrider

Schlüssel Gelöscht : HKCU\Software\Giant Savings

Schlüssel Gelöscht : HKCU\Software\ICQToolbar

Schlüssel Gelöscht : HKCU\Software\InstallCore

Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011441179}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011441179}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Schlüssel Gelöscht : HKCU\Software\Softonic

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011441179}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022442279}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044444479}

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Giant Savings

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011441179}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v8.0.6001.18702
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Mozilla Firefox v18.0.2 (de)
 

Datei : C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Mozilla\Firefox\Profiles\6o7p0wv8.default\prefs.js
 

Gelöscht : user_pref("browser.search.defaultenginename", "Fast Browser Search");

Gelöscht : user_pref("browser.search.defaulturl", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&[...]

Gelöscht : user_pref("browser.search.order.1", "Fast Browser Search");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.InstallationThankYouPage", true);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1352131418);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.searchUserConifrmation", false[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setHomepage", false);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setNewTab", false);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setSearch", false);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.active", true);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.addressbar", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.addressbarenhanced", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.backgroundjs", "\n\n//\n");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.backgroundver", 35);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.can_run_bg_code", true);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.changeprevious", false);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1352131418");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1352131418");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_arbitrary_code.expiration", "Mon Feb 11 201[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_arbitrary_code.value", "%22%28function%28%2[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.expiration", "Mon Feb 11 2013 21:[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_cf_bu1.expiration", "Fri Feb 01 2030 00:00:[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_cf_bu1.value", "1360613535");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.expiration", "Fri Feb 15 2013 [...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.value", "%22DE%22");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.value", "1360613523");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 0[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_currenttime.value", "%221360595384%22");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2214019%22");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.value", "1352133675324");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221171%22");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%22102874%22");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.value", "1352132410851");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie.lastrequest.expiration", "Fri Feb 01 2030 00:00:[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.cookie.lastrequest.value", "%7B%22path%22%3A%22/forum/v[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons dis[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.domain", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.enablesearch", false);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.fbremoteurl", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.group", 0);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.homepage", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.iframe", false);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "86");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Tue Feb 12[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.expiration", "Fri[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.value", "%7B%22re[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.SoftwareDetected.expiration", "Fri Feb 01 20[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.manifesturl", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.newtab", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.opensearch", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.name", "base");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.ver", 4);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.name", "GPL Plugin (Loader)");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.ver", 15);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.code", "var a=appAPI.db.getList([...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.name", "GPL Background (BG)");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.ver", 32);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.name", "CrossriderAppUtils");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.ver", 2);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.name", "CrossriderUtils");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.ver", 2);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.code", "if((typeof isBackground===\"u[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.name", "FFAppAPIWrapper");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.ver", 4);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.name", "jQuery");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.ver", 3);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.name", "debug");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.ver", 3);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.name", "resources");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.ver", 2);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.name", "initializer");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.ver", 2);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.name", "jquery_1_7_1");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.ver", 3);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.name", "resources_background");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.ver", 1);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPT[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.name", "appApiMessage");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.ver", 1);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.code", "if(appAPI.__should_activate_v[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.name", "appApiValidation");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.ver", 1);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_78.code", "(function(a){if(typeof a===\"[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_78.name", "CrossriderInfo");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_78.ver", 2);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_0", "4,14,78,16,64,47,72,1000015"[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]

Gelöscht : user_pref("extensions.crossriderapp4479.4479.pluginsversion", 57);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.publisher", "215 Apps");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.searchstatus", 0);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.setnewtab", false);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.settingsurl", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.thankyou", "");

Gelöscht : user_pref("extensions.crossriderapp4479.4479.updateinterval", 360);

Gelöscht : user_pref("extensions.crossriderapp4479.4479.ver", 86);

Gelöscht : user_pref("extensions.crossriderapp4479.adsOldValue", -1);

Gelöscht : user_pref("extensions.crossriderapp4479.apps", "4479");

Gelöscht : user_pref("extensions.crossriderapp4479.bic", "13ad15f3366e6b35799e3e9b12f2c2c7");

Gelöscht : user_pref("extensions.crossriderapp4479.cid", 4479);

Gelöscht : user_pref("extensions.crossriderapp4479.firstrun", false);

Gelöscht : user_pref("extensions.crossriderapp4479.hadappinstalled", true);

Gelöscht : user_pref("extensions.crossriderapp4479.installationdate", 1352132408);

Gelöscht : user_pref("extensions.crossriderapp4479.lastcheck", 22676892);

Gelöscht : user_pref("extensions.crossriderapp4479.lastcheckitem", 22676892);

Gelöscht : user_pref("extensions.crossriderapp4479.modetype", "production");

Gelöscht : user_pref("extensions.crossriderapp4479.reportInstall", true);

Gelöscht : user_pref("extensions.enabledAddons", "ich%40maltegoetz.de:1.4.3,%7Be4a8a97b-f2ed-450b-b12d-ee082ba2[...]
 

-\\ Google Chrome v [Version kann nicht ermittelt werden]
 

Datei : C:\Dokumente und Einstellungen\Janna\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[S1].txt - [19837 octets] - [11/02/2013 21:23:10]
 

########## EOF - C:\AdwCleaner[S1].txt - [19898 octets] ##########

--- --- ---

2. Die OTL.Txt-Ergebnisse:OTL Logfile:

Code:

OTL logfile created on: 11.02.2013 21:33:24 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Janna\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1014,11 Mb Total Physical Memory | 498,49 Mb Available Physical Memory | 49,16% Memory free

2,39 Gb Paging File | 1,89 Gb Available in Paging File | 79,32% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 74,28 Gb Total Space | 3,07 Gb Free Space | 4,13% Space Free | Partition Type: NTFS

 

Computer Name: YOUR-2D1ABB0973 | User Name: Janna | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\Janna\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()

PRC - C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)

PRC - C:\Programme\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)

PRC - C:\Programme\Synaptics\SynTP\Toshiba.exe (Synaptics, Inc.)

PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)

PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)

PRC - C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)

PRC - C:\Programme\Toshiba\ConfigFree\CFSServ.exe (TOSHIBA CORPORATION)

PRC - C:\Programme\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)

PRC - C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)

PRC - C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)

PRC - C:\Programme\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

PRC - C:\Programme\Toshiba\Bluetooth Monitor\BtMon2.exe (TOSHIBA)

PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()

MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()

MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()

MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\WINDOWS\system32\sbe.dll ()

MOD - C:\WINDOWS\system32\msdmo.dll ()

MOD - C:\WINDOWS\system32\tsbwls.dll ()

MOD - C:\Programme\Intel\Wireless\Bin\Libeay32.dll ()

MOD - C:\Programme\Intel\Wireless\Bin\iWMSProv.dll ()

MOD - C:\Programme\Intel\Wireless\Bin\IntStngs.dll ()

MOD - C:\Programme\Intel\Wireless\Bin\acAuth.dll ()

MOD - C:\WINDOWS\system32\TosBtHcrpAPI.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (vpnagent) -- C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)

SRV - (LiveUpdate Notice Service) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_0.EXE (Symantec Corporation)

SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)

SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (CFSvcs) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (Winsock - Google Desktop Search Backup Before Last Install) --  File not found

DRV - (Winsock - Google Desktop Search Backup Before First Install) --  File not found

DRV - (WDICA) --  File not found

DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (vpnva) -- C:\WINDOWS\system32\drivers\vpnva.sys (Cisco Systems, Inc.)

DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)

DRV - (SMCB000) -- C:\WINDOWS\system32\drivers\HIDSMSC.SYS (SMSC)

DRV - (qkbfiltr) -- C:\WINDOWS\system32\drivers\qkbfiltr.sys (Quanta Computer, Inc.)

DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\CHDAud.sys (Conexant Systems Inc.)

DRV - (w39n51) -- C:\WINDOWS\system32\drivers\w39n51.sys (Intel® Corporation)

DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)

DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)

DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)

DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)

DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)

DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)

DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)

DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)

DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)

DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)

DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)

DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\tosrfec.sys (TOSHIBA Corporation)

DRV - (BDA_Loader_220) -- C:\WINDOWS\system32\drivers\BDA_Loader_220.sys (WideView Technology Inc.)

DRV - (BDA_Capture_220) -- C:\WINDOWS\system32\drivers\BDA_Capture_220.sys (WideViewer Electronics CO., LTD)

DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)

DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)

DRV - (BoiHwsetup) -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys (Quanta Computer Corp)

DRV - (qmofiltr) -- C:\WINDOWS\system32\drivers\qmofiltr.sys (Quanta Computer, Inc.)

DRV - (ovt530) -- C:\WINDOWS\system32\drivers\ov530vid.sys (OmniVision Technologies, Inc.)

DRV - (Pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)

DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)

DRV - (VcomPort) -- C:\WINDOWS\system32\drivers\vcomrico.sys (HSDS)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Startfenster.de - Mein Startfenster im Internet

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\..\SearchScopes\{2F52A2DD-EA96-4CD8-8E69-D1066ACE67F5}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RNWN

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

IE - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "hxxp://www.hiergehtslos.de"

FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900

FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.7

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.04.22 19:19:05 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Programme\Google\Google Gears\Firefox\ [2010.03.05 11:15:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.17 18:58:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.02.07 07:25:22 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.02.07 07:24:24 | 000,000,000 | ---D | M]

 

[2009.09.21 11:33:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Mozilla\Extensions

[2009.09.21 11:33:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com

[2013.02.11 21:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Mozilla\Firefox\Profiles\6o7p0wv8.default\extensions

[2012.09.16 09:50:53 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Mozilla\Firefox\Profiles\6o7p0wv8.default\extensions\ich@maltegoetz.de

[2012.12.11 16:10:58 | 000,036,098 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Mozilla\Firefox\Profiles\6o7p0wv8.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

[2013.02.01 12:50:01 | 000,817,973 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Mozilla\Firefox\Profiles\6o7p0wv8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2013.01.27 10:33:22 | 000,242,136 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Mozilla\Firefox\Profiles\6o7p0wv8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

[2013.02.07 07:24:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\JANNA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\6O7P0WV8.DEFAULT\EXTENSIONS\CROSSRIDERAPP4479@CROSSRIDER.COM

[2013.02.07 07:25:21 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2012.06.27 06:53:35 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.08.30 04:45:44 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2012.06.27 06:53:35 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2009.10.02 19:18:33 | 000,003,700 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fast.png

[2012.06.27 06:53:35 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.06.27 06:53:35 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.06.27 06:53:35 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - homepage: 

CHR - homepage: 

CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeploytk.dll

CHR - plugin: Java(TM) Platform SE 6 U18 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Move Media Player 7 (Enabled) = C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Move Networks\plugins\071802000001\npqmp071802000001.dll

CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Programme\DivX\DivX Content Uploader\npUpload.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Dokumente und Einstellungen\Janna\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\

CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Janna\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

 

O1 HOSTS File: ([2004.08.10 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)

O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O3 - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.

O3 - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found

O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe ()

O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)

O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)

O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)

O4 - HKLM..\Run: [NBKeyScan] "C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found

O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found

O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [swxermanco.tmp] "C:\DOKUME~1\Janna\LOKALE~1\Temp\swxermanco.tmp" File not found

O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Programme\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)

O4 - HKLM..\Run: [xrwncosame.tmp] "C:\DOKUME~1\Janna\LOKALE~1\Temp\xrwncosame.tmp" File not found

O4 - HKU\S-1-5-21-180914410-1256611159-1260016420-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe" File not found

O4 - HKU\S-1-5-21-180914410-1256611159-1260016420-1005..\Run: [TomTomHOME.exe] "C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe" File not found

O4 - HKU\S-1-5-21-180914410-1256611159-1260016420-1005..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 File not found

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Monitor.lnk = C:\Programme\Toshiba\Bluetooth Monitor\BtMon2.exe (TOSHIBA)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Office-Bibliothek-Direktsuche.lnk = C:\Programme\Office-Bibliothek\PCLib.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-180914410-1256611159-1260016420-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)

O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://vpngate.uni-koeln.de/CACHE/stc/2/binaries/vpnweb.cab (Cisco AnyConnect VPN Client Web Control)

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1224438493 (Image Uploader Control)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1184336875890 (MUWebControl Class)

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.studivz.net/photouploader/ImageUploader4.cab (Image Uploader Control)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {96512D57-F751-4088-A689-5778FCC77F7A} studiVZ | Bist Du schon drin? (Photo Uploader Control)

O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1214330372 (Image Uploader Control)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAC0943A-D640-473F-AA94-A96257E3A965}: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Janna\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Janna\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.03.17 13:02:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.02.08 22:26:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Janna\Desktop\OTL.exe

[2013.02.08 20:55:37 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2013.02.07 07:24:09 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox

[2013.02.02 11:16:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Janna\Desktop\__MACOSX

[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

File not found -- C:\Dokumente und Einstellungen\Janna\Eigene Dateien\CAJECVZH.

File not found -- C:\Dokumente und Einstellungen\Janna\Eigene Dateien\CAEZOPUB.

[2013.02.11 21:28:42 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013.02.11 21:28:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013.02.11 21:28:36 | 1063,440,384 | -HS- | M] () -- C:\hiberfil.sys

[2013.02.11 21:27:07 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat

[2013.02.11 21:20:22 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013.02.11 21:16:09 | 000,587,659 | ---- | M] () -- C:\Dokumente und Einstellungen\Janna\Desktop\adwcleaner.exe

[2013.02.11 01:53:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013.02.09 07:25:01 | 000,128,914 | ---- | M] () -- C:\Dokumente und Einstellungen\Janna\Desktop\Unbenannt.JPG

[2013.02.08 23:06:57 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2013.02.08 22:21:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Janna\Desktop\OTL.exe

[2013.02.08 22:10:01 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Janna\defogger_reenable

[2013.02.08 20:55:14 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013.02.07 23:53:37 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013.02.07 23:53:35 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013.02.06 15:48:23 | 000,368,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Janna\Desktop\img173.pdf

[2013.02.05 11:23:17 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk

[2013.02.04 15:18:04 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013.01.13 11:05:16 | 000,463,298 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013.01.13 11:05:16 | 000,444,810 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013.01.13 11:05:16 | 000,086,134 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013.01.13 11:05:16 | 000,072,686 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013.01.13 10:48:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

File not found -- C:\Dokumente und Einstellungen\Janna\Eigene Dateien\CAJECVZH.

File not found -- C:\Dokumente und Einstellungen\Janna\Eigene Dateien\CAEZOPUB.

[2013.02.11 21:16:15 | 000,587,659 | ---- | C] () -- C:\Dokumente und Einstellungen\Janna\Desktop\adwcleaner.exe

[2013.02.09 07:25:00 | 000,128,914 | ---- | C] () -- C:\Dokumente und Einstellungen\Janna\Desktop\Unbenannt.JPG

[2013.02.08 22:10:01 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Janna\defogger_reenable

[2013.02.06 15:48:21 | 000,368,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Janna\Desktop\img173.pdf

[2012.05.12 09:04:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSBrow.INI

[2012.02.15 09:45:51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012.01.07 20:48:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011.04.12 12:11:28 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat

[2011.01.19 12:48:22 | 000,000,845 | ---- | C] () -- C:\Dokumente und Einstellungen\Janna\.recently-used.xbel

[2008.08.25 17:47:42 | 000,001,343 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache

[2007.11.08 21:53:16 | 000,000,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Janna\default.pls

[2007.01.11 13:27:38 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html

[2006.10.10 16:11:19 | 000,107,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Janna\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006.10.09 18:15:50 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Janna\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

 
 ========== ZeroAccess Check ==========

 

[2006.03.17 12:59:10 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both
 

< End of report >

--- --- ---

Und 3.: Die Extras.Txt-Datei:OTL Logfile:

Code:

OTL Extras logfile created on: 11.02.2013 21:33:24 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Janna\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1014,11 Mb Total Physical Memory | 498,49 Mb Available Physical Memory | 49,16% Memory free

2,39 Gb Paging File | 1,89 Gb Available in Paging File | 79,32% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 74,28 Gb Total Space | 3,07 Gb Free Space | 4,13% Space Free | Partition Type: NTFS

 

Computer Name: YOUR-2D1ABB0973 | User Name: Janna | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

[HKEY_USERS\S-1-5-21-180914410-1256611159-1260016420-1005\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- (ICQ Ltd.)

"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"C:\Programme\AntiVir PersonalEdition Classic\avcenter.exe" = C:\Programme\AntiVir PersonalEdition Classic\avcenter.exe:*:Enabled:AntiVir PersonalEdition Classic starten

"C:\Programme\Internet Explorer\iexplore.exe" = C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)

"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)

"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)

"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)

"C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\Janna\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)

"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth

"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()

"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.)

"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player

"{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility

"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA

"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist

"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe

"{2A6355EB-273D-4368-9DB6-FB99EBA9FABD}" = Cisco AnyConnect VPN Client

"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant

"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears

"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2

"{314F6D08-A8B7-11D8-8446-0050BA1D384D}" = EPSON Image Clip Palette

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup

"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA

"{3EB6332B-AF02-457C-A31C-835458C5B48B}" = TOSHIBA Benutzerhandbücher

"{44087BB4-73BC-4341-B40D-0A2D31262751}" = Toshiba Hotkey Utility

"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI

"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support

"{45E55CFF-A44A-4DD1-8BD4-D87026D3E480}" = Fischer Weltalmanach 2006

"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD-Speicherkarten-Formatierung

"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU

"{4B55E0A8-07F5-4966-9B7B-D32C8ADC0FF4}" = Digimax Converter

"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works

"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel

"{54971F17-9D16-4D43-95D6-3A86E3D20EDB}" = Office-Bibliothek 4.1

"{55A4E9CC-3F8D-4940-A2A4-EE04D3BADF74}" = OpenOffice.org 2.0

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1" = grafstat4

"{61539202-097E-487E-9237-B291AB56D54C}" = Bluetooth Monitor 2

"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zoom-Dienstprogramm

"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files

"{713E5AB1-2389-43A6-8313-CB4D3C44C4FA}" = Samsung USB Driver

"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7B63B2922B174135AFC0E1377DD81EC2}" = 

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit

"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver

"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr

"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp

"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA

"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig

"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)

"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!

"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML

"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer

"{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}" = Hercules Webcam

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch

"{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD-Sicherheitsmodul

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba

"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)

"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack

"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore

"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager

"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0

"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F19D07BC-6240-49D3-BA5C-59B015DF8916}" = EPSON Easy Photo Print

"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi

"{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility

"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe

"AC3Filter" = AC3Filter (remove only)

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9

"Audacity_is1" = Audacity 2.0.2

"Avira AntiVir Desktop" = Avira Free Antivirus

"CANONBJ_Deinstall_CNMCP4b.DLL" = Canon i850

"CNXT_HDAUDIO" = Conexant HD Audio

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5047&SUBSYS_1179FF31" = HDAUDIO Soft Data Fax Modem with SmartCP

"DivX Setup" = DivX-Setup

"Druckschriften Nord_is1" = Pelikan Schulschriften

"DVD Shrink_is1" = DVD Shrink 3.2

"ENTERPRISE" = Microsoft Office Enterprise 2007

"EPSON Printer and Utilities" = EPSON-Drucker-Software

"EPSON Scanner" = EPSON Scan

"ESDX4800_4200 Benutzerhandbuch" = ESDX4800_4200 Benutzerhandbuch

"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0

"Free MP3 Cutter and Editor_is1" = Free MP3 Cutter and Editor 2.6

"Free Studio_is1" = Free Studio version 4.2

"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.4.628

"Free YouTube Download_is1" = Free YouTube Download version 3.1.22.319

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031

"ICQLite" = ICQ 5.1

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"Inca Ball_is1" = Inca Ball

"InstallShield_{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility

"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.

"InstallShield_{45E55CFF-A44A-4DD1-8BD4-D87026D3E480}" = Fischer Weltalmanach 2006

"InstallShield_{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility

"InstallShield_{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility

"Klinisches Wörterbuch 258/2" = Klinisches Wörterbuch 258/2

"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)

"Luxor 3" = Luxor 3

"Magic Match The Genies Journey" = Magic Match The Genies Journey

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU

"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MPEG4E" = MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"PC-Diagnose-Tool" = TOSHIBA PC-Diagnose-Tool

"ProInst" = Intel(R) PROSet/Wireless Software

"PROSet" = Intel(R) PRO Network Connections Drivers

"Prozess" = Prozess

"RDC-7 Camera Utility" = RDC-7 Camera Utility

"RealPlayer 6.0" = RealPlayer

"SciTE_{14906E3B-DA79-49B7-A747-49260999BA4B}_is1" = SciTE - Scintilla Text Editor 1.70 with Extensions (wbd-1)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Tumblebugs" = Tumblebugs

"Uninstall_is1" = Uninstall 1.0.0.1

"VLC media player" = VLC media player 1.1.11

"WIC" = Windows Imaging Component

"Winamp" = Winamp (remove only)

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinGimp-2.0_is1" = GIMP 2.6.3

"WinRAR archiver" = WinRAR Archivierer

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"WordToPDF_is1" = WordToPDF 2.4

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"X10Hardware" = X10 Hardware(TM)

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"Zuma Deluxe" = Zuma Deluxe

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-180914410-1256611159-1260016420-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Move Media Player" = Move Media Player

"Music Converter" = Music Converter

"Music Converter Packages" = Music Converter Packages

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 10.02.2013 21:28:23 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 2547

 

Error - 10.02.2013 22:28:28 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 10.02.2013 22:28:28 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 3608313

 

Error - 10.02.2013 22:28:28 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 3608313

 

Error - 10.02.2013 22:28:30 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 10.02.2013 22:28:30 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 3610469

 

Error - 10.02.2013 22:28:30 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 3610469

 

Error - 10.02.2013 22:28:32 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 10.02.2013 22:28:32 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 3612485

 

Error - 10.02.2013 22:28:32 | Computer Name = YOUR-2D1ABB0973 | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 3612485

 

[ OSession Events ]

Error - 22.11.2012 12:15:01 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 80

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 22.11.2012 12:15:53 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 29

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 22.11.2012 12:19:54 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 212

 seconds with 60 seconds of active time.  This session ended with a crash.

 

Error - 22.11.2012 12:20:25 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 9

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 22.11.2012 12:23:06 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 139

 seconds with 60 seconds of active time.  This session ended with a crash.

 

Error - 22.11.2012 12:25:43 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 121

 seconds with 120 seconds of active time.  This session ended with a crash.

 

Error - 22.11.2012 12:33:11 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 433

 seconds with 360 seconds of active time.  This session ended with a crash.

 

Error - 22.11.2012 12:34:44 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 52

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 22.11.2012 12:35:27 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 22.11.2012 12:35:55 | Computer Name = YOUR-2D1ABB0973 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 17

 seconds with 0 seconds of active time.  This session ended with a crash.

 

[ System Events ]

Error - 10.02.2013 22:28:34 | Computer Name = YOUR-2D1ABB0973 | Source = W32Time | ID = 39452701

Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren

 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der

 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle

 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.

 

Error - 11.02.2013 06:15:10 | Computer Name = YOUR-2D1ABB0973 | Source = W32Time | ID = 39452689

Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten

 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15

 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.

 (0x80072751)

 

Error - 11.02.2013 06:15:10 | Computer Name = YOUR-2D1ABB0973 | Source = W32Time | ID = 39452701

Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren

 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der

 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle

 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.

 

Error - 11.02.2013 16:02:59 | Computer Name = YOUR-2D1ABB0973 | Source = Windows Update Agent | ID = 16

Description = Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst

 "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem 

angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht,

 eine Verbindung herzustellen.

 

Error - 11.02.2013 16:04:05 | Computer Name = YOUR-2D1ABB0973 | Source = W32Time | ID = 39452689

Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten

 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15

 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.

 (0x80072751)

 

Error - 11.02.2013 16:04:05 | Computer Name = YOUR-2D1ABB0973 | Source = W32Time | ID = 39452701

Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren

 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der

 nächsten 15 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle

 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.

 

Error - 11.02.2013 16:10:19 | Computer Name = YOUR-2D1ABB0973 | Source = W32Time | ID = 39452689

Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten

 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15

 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.

 (0x80072751)

 

Error - 11.02.2013 16:10:19 | Computer Name = YOUR-2D1ABB0973 | Source = W32Time | ID = 39452701

Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren

 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der

 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle

 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.

 

Error - 11.02.2013 16:10:20 | Computer Name = YOUR-2D1ABB0973 | Source = W32Time | ID = 39452689

Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten

 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15

 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.

 (0x80072751)

 

Error - 11.02.2013 16:10:20 | Computer Name = YOUR-2D1ABB0973 | Source = W32Time | ID = 39452701

Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren

 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der

 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle

 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.

 

 

< End of report >

--- --- ---

Die Dateien, die das Malewareprogramm gefunden hat habe ich bislang nicht angerührt, soll ich da noch irgendwas machen, löschen oder Quarantäne, oder hat sich das erübrigt?

Danke nochmal und viele Grüße,
Janna

Hey t'john,
hier die 3 Logfiles.

1. tdsskiller:

15:05:01.0156 1668 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:05:01.0531 1668 ============================================================
15:05:01.0531 1668 Current date / time: 2013/02/13 15:05:01.0531
15:05:01.0531 1668 SystemInfo:
15:05:01.0531 1668
15:05:01.0531 1668 OS Version: 5.1.2600 ServicePack: 3.0
15:05:01.0531 1668 Product type: Workstation
15:05:01.0531 1668 ComputerName: YOUR-2D1ABB0973
15:05:01.0531 1668 UserName: Janna
15:05:01.0531 1668 Windows directory: C:\WINDOWS
15:05:01.0531 1668 System windows directory: C:\WINDOWS
15:05:01.0531 1668 Processor architecture: Intel x86
15:05:01.0531 1668 Number of processors: 2
15:05:01.0531 1668 Page size: 0x1000
15:05:01.0531 1668 Boot type: Normal boot
15:05:01.0531 1668 ============================================================
15:05:03.0843 1668 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:05:03.0890 1668 ============================================================
15:05:03.0890 1668 \Device\Harddisk0\DR0:
15:05:03.0937 1668 MBR partitions:
15:05:03.0937 1668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9490C62
15:05:03.0937 1668 ============================================================
15:05:03.0953 1668 C: <-> \Device\Harddisk0\DR0\Partition1
15:05:04.0000 1668 ============================================================
15:05:04.0000 1668 Initialize success
15:05:04.0000 1668 ============================================================
15:06:03.0171 1700 ============================================================
15:06:03.0171 1700 Scan started
15:06:03.0171 1700 Mode: Manual; SigCheck; TDLFS;
15:06:03.0171 1700 ============================================================
15:06:04.0093 1700 ================ Scan system memory ========================
15:06:07.0593 1700 System memory - ok
15:06:07.0593 1700 ================ Scan services =============================
15:06:07.0796 1700 Abiosdsk - ok
15:06:07.0796 1700 abp480n5 - ok
15:06:07.0843 1700 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:06:12.0156 1700 ACPI - ok
15:06:12.0187 1700 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:06:12.0515 1700 ACPIEC - ok
15:06:12.0609 1700 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:06:12.0656 1700 AdobeFlashPlayerUpdateSvc - ok
15:06:12.0656 1700 adpu160m - ok
15:06:12.0671 1700 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:06:12.0890 1700 aec - ok
15:06:12.0921 1700 [ 12DAFD934641DCF61E446313BC261EC2 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
15:06:13.0078 1700 AegisP ( UnsignedFile.Multi.Generic ) - warning
15:06:13.0078 1700 AegisP - detected UnsignedFile.Multi.Generic (1)
15:06:13.0125 1700 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:06:13.0156 1700 AFD - ok
15:06:13.0171 1700 Aha154x - ok
15:06:13.0171 1700 aic78u2 - ok
15:06:13.0187 1700 aic78xx - ok
15:06:13.0218 1700 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:06:13.0515 1700 Alerter - ok
15:06:13.0546 1700 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
15:06:13.0765 1700 ALG - ok
15:06:13.0781 1700 AliIde - ok
15:06:13.0781 1700 amsint - ok
15:06:13.0921 1700 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
15:06:14.0109 1700 AntiVirSchedulerService - ok
15:06:14.0156 1700 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
15:06:14.0234 1700 AntiVirService - ok
15:06:14.0359 1700 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:06:14.0437 1700 Apple Mobile Device - ok
15:06:14.0468 1700 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:06:14.0718 1700 AppMgmt - ok
15:06:14.0765 1700 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:06:14.0968 1700 Arp1394 - ok
15:06:14.0968 1700 asc - ok
15:06:14.0984 1700 asc3350p - ok
15:06:14.0984 1700 asc3550 - ok
15:06:15.0093 1700 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:06:15.0187 1700 aspnet_state - ok
15:06:15.0218 1700 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:06:15.0421 1700 AsyncMac - ok
15:06:15.0437 1700 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:06:15.0578 1700 atapi - ok
15:06:15.0593 1700 Atdisk - ok
15:06:15.0609 1700 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:06:15.0843 1700 Atmarpc - ok
15:06:15.0875 1700 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:06:16.0125 1700 AudioSrv - ok
15:06:16.0156 1700 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:06:16.0468 1700 audstub - ok
15:06:16.0593 1700 [ 7768CE75C5CBF0D8F441CE2BBD806B7F ] Automatisches LiveUpdate - Scheduler C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
15:06:16.0671 1700 Automatisches LiveUpdate - Scheduler - ok
15:06:16.0703 1700 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:06:17.0640 1700 avgntflt - ok
15:06:17.0687 1700 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:06:17.0765 1700 avipbb - ok
15:06:17.0796 1700 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
15:06:17.0843 1700 avkmgr - ok
15:06:17.0890 1700 [ E00F4431DE291C2D393F31F12445CB3D ] BDA_Capture_220 C:\WINDOWS\system32\Drivers\BDA_Capture_220.sys
15:06:17.0968 1700 BDA_Capture_220 ( UnsignedFile.Multi.Generic ) - warning
15:06:17.0968 1700 BDA_Capture_220 - detected UnsignedFile.Multi.Generic (1)
15:06:18.0015 1700 [ 01DAB88E8242549A8231714D4ED05328 ] BDA_Loader_220 C:\WINDOWS\system32\Drivers\BDA_Loader_220.sys
15:06:18.0109 1700 BDA_Loader_220 ( UnsignedFile.Multi.Generic ) - warning
15:06:18.0109 1700 BDA_Loader_220 - detected UnsignedFile.Multi.Generic (1)
15:06:18.0203 1700 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:06:18.0562 1700 Beep - ok
15:06:18.0687 1700 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
15:06:19.0046 1700 BITS - ok
15:06:19.0062 1700 [ 141BEFBD4F2A84A66E2F54B9E32E40D1 ] BoiHwsetup C:\WINDOWS\system32\drivers\BoiHwSetup.sys
15:06:19.0140 1700 BoiHwsetup - ok
15:06:19.0218 1700 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
15:06:19.0343 1700 Bonjour Service - ok
15:06:19.0406 1700 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
15:06:19.0468 1700 Browser - ok
15:06:19.0515 1700 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
15:06:19.0796 1700 BthEnum - ok
15:06:19.0859 1700 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
15:06:20.0125 1700 BthPan - ok
15:06:20.0171 1700 [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
15:06:20.0234 1700 BTHPORT - ok
15:06:20.0265 1700 [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ C:\WINDOWS\System32\bthserv.dll
15:06:20.0546 1700 BthServ - ok
15:06:20.0578 1700 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
15:06:20.0781 1700 BTHUSB - ok
15:06:20.0812 1700 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:06:21.0031 1700 cbidf2k - ok
15:06:21.0078 1700 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:06:21.0281 1700 CCDECODE - ok
15:06:21.0281 1700 cd20xrnt - ok
15:06:21.0375 1700 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:06:21.0562 1700 Cdaudio - ok
15:06:21.0593 1700 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:06:21.0750 1700 Cdfs - ok
15:06:21.0765 1700 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:06:21.0968 1700 Cdrom - ok
15:06:22.0140 1700 [ 3CB0CC8879956C187E87E18634EE5164 ] CFSvcs C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
15:06:22.0203 1700 CFSvcs ( UnsignedFile.Multi.Generic ) - warning
15:06:22.0203 1700 CFSvcs - detected UnsignedFile.Multi.Generic (1)
15:06:22.0218 1700 Changer - ok
15:06:22.0250 1700 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:06:22.0515 1700 CiSvc - ok
15:06:22.0578 1700 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:06:22.0828 1700 ClipSrv - ok
15:06:22.0906 1700 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:06:23.0234 1700 clr_optimization_v2.0.50727_32 - ok
15:06:23.0265 1700 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:06:23.0515 1700 CmBatt - ok
15:06:23.0531 1700 CmdIde - ok
15:06:23.0578 1700 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:06:23.0718 1700 Compbatt - ok
15:06:23.0718 1700 COMSysApp - ok
15:06:23.0734 1700 Cpqarray - ok
15:06:23.0750 1700 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:06:23.0953 1700 CryptSvc - ok
15:06:23.0953 1700 dac2w2k - ok
15:06:23.0953 1700 dac960nt - ok
15:06:24.0031 1700 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:06:24.0125 1700 DcomLaunch - ok
15:06:24.0171 1700 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:06:24.0421 1700 Dhcp - ok
15:06:24.0421 1700 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:06:24.0625 1700 Disk - ok
15:06:24.0703 1700 [ EE4325BECEF51B8C32B4329097E4F301 ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
15:06:24.0765 1700 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning
15:06:24.0765 1700 DLABOIOM - detected UnsignedFile.Multi.Generic (1)
15:06:24.0781 1700 [ D979BEBCF7EDCC9C9EE1857D1A68C67B ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
15:06:24.0781 1700 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning
15:06:24.0781 1700 DLACDBHM - detected UnsignedFile.Multi.Generic (1)
15:06:24.0812 1700 [ F17CFEB7F7E90496931523E5BA11D399 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS
15:06:24.0843 1700 DLADResN ( UnsignedFile.Multi.Generic ) - warning
15:06:24.0843 1700 DLADResN - detected UnsignedFile.Multi.Generic (1)
15:06:24.0875 1700 [ 752376E109A090970BFA9722F0F40B03 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
15:06:25.0000 1700 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning
15:06:25.0000 1700 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)
15:06:25.0031 1700 [ 62EE7902E74B90BF1CCC4643FC6C07A7 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
15:06:25.0156 1700 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning
15:06:25.0156 1700 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)
15:06:25.0171 1700 [ 5C220124C5AFEAEE84A9BB89D685C17B ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
15:06:25.0250 1700 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning
15:06:25.0250 1700 DLAPoolM - detected UnsignedFile.Multi.Generic (1)
15:06:25.0265 1700 [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
15:06:25.0281 1700 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning
15:06:25.0281 1700 DLARTL_N - detected UnsignedFile.Multi.Generic (1)
15:06:25.0312 1700 [ 4EBB78D9BBF072119363B35B9B3E518F ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
15:06:25.0390 1700 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning
15:06:25.0390 1700 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)
15:06:25.0421 1700 [ 333B770E52D2CEA7BD86391120466E43 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
15:06:25.0500 1700 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning
15:06:25.0500 1700 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)
15:06:25.0515 1700 dmadmin - ok
15:06:25.0562 1700 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:06:25.0906 1700 dmboot - ok
15:06:26.0015 1700 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:06:26.0156 1700 dmio - ok
15:06:26.0187 1700 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:06:26.0343 1700 dmload - ok
15:06:26.0375 1700 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:06:26.0593 1700 dmserver - ok
15:06:26.0609 1700 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:06:26.0812 1700 DMusic - ok
15:06:26.0906 1700 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:06:27.0156 1700 Dnscache - ok
15:06:27.0234 1700 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:06:27.0578 1700 Dot3svc - ok
15:06:27.0593 1700 dpti2o - ok
15:06:27.0625 1700 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:06:27.0875 1700 drmkaud - ok
15:06:27.0921 1700 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
15:06:27.0937 1700 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning
15:06:27.0937 1700 DRVMCDB - detected UnsignedFile.Multi.Generic (1)
15:06:27.0937 1700 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
15:06:27.0953 1700 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning
15:06:27.0953 1700 DRVNDDM - detected UnsignedFile.Multi.Generic (1)
15:06:28.0015 1700 [ 2646883E6DD867CD872D5B51B6036710 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
15:06:28.0171 1700 E100B - ok
15:06:28.0218 1700 [ E1FA10ED8F9F700C1BE1EAE05A80EF57 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
15:06:28.0312 1700 e1express - ok
15:06:28.0359 1700 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:06:28.0562 1700 EapHost - ok
15:06:28.0640 1700 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
15:06:28.0734 1700 ehRecvr - ok
15:06:28.0781 1700 [ E774BF24A6CB798DCE67AD1C8E917152 ] ehSched C:\WINDOWS\eHome\ehSched.exe
15:06:28.0859 1700 ehSched - ok
15:06:28.0906 1700 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:06:29.0125 1700 ERSvc - ok
15:06:29.0234 1700 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
15:06:29.0265 1700 Eventlog - ok
15:06:29.0328 1700 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
15:06:29.0390 1700 EventSystem - ok
15:06:29.0453 1700 [ 56DED3ADE453272E6A0AD582D945D1A4 ] EvtEng C:\Programme\Intel\Wireless\Bin\EvtEng.exe
15:06:29.0515 1700 EvtEng ( UnsignedFile.Multi.Generic ) - warning
15:06:29.0515 1700 EvtEng - detected UnsignedFile.Multi.Generic (1)
15:06:29.0562 1700 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:06:29.0750 1700 Fastfat - ok
15:06:29.0796 1700 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:06:29.0859 1700 FastUserSwitchingCompatibility - ok
15:06:29.0875 1700 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
15:06:30.0093 1700 Fdc - ok
15:06:30.0109 1700 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:06:30.0281 1700 Fips - ok
15:06:30.0296 1700 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:06:30.0515 1700 Flpydisk - ok
15:06:30.0625 1700 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
15:06:30.0796 1700 FltMgr - ok
15:06:30.0906 1700 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:06:30.0984 1700 FontCache3.0.0.0 - ok
15:06:31.0062 1700 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:06:31.0328 1700 Fs_Rec - ok
15:06:31.0343 1700 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:06:31.0500 1700 Ftdisk - ok
15:06:31.0562 1700 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
15:06:31.0609 1700 GEARAspiWDM - ok
15:06:31.0671 1700 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:06:31.0875 1700 Gpc - ok
15:06:31.0968 1700 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9a80e8bf8ed48 C:\Programme\Google\Update\GoogleUpdate.exe
15:06:31.0984 1700 gupdate1c9a80e8bf8ed48 - ok
15:06:32.0000 1700 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
15:06:32.0015 1700 gupdatem - ok
15:06:32.0046 1700 [ A8BCCB6AB8E43C39F4EF1BC4DB8D6165 ] HdAudAddService C:\WINDOWS\system32\drivers\CHDAud.sys
15:06:32.0218 1700 HdAudAddService - ok
15:06:32.0250 1700 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:06:32.0453 1700 HDAudBus - ok
15:06:32.0578 1700 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:06:32.0812 1700 helpsvc - ok
15:06:32.0859 1700 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
15:06:33.0125 1700 HidServ - ok
15:06:33.0218 1700 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:06:33.0406 1700 HidUsb - ok
15:06:33.0453 1700 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:06:33.0640 1700 hkmsvc - ok
15:06:33.0640 1700 hpn - ok
15:06:33.0734 1700 [ A30D7011C1B80A0BC16602D99218D522 ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
15:06:33.0828 1700 HSFHWAZL - ok
15:06:33.0906 1700 [ 5A5A7721D9C62D77FC0FABA9B2CF5BE9 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
15:06:34.0046 1700 HSF_DPV - ok
15:06:34.0140 1700 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:06:34.0203 1700 HTTP - ok
15:06:34.0250 1700 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:06:34.0546 1700 HTTPFilter - ok
15:06:34.0546 1700 i2omgmt - ok
15:06:34.0562 1700 i2omp - ok
15:06:34.0609 1700 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:06:34.0812 1700 i8042prt - ok
15:06:34.0906 1700 [ 81EFE1C5542AFB2570758F39AE3B1151 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
15:06:35.0046 1700 ialm - ok
15:06:35.0109 1700 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:06:35.0203 1700 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:06:35.0203 1700 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:06:35.0281 1700 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:06:35.0453 1700 idsvc - ok
15:06:35.0484 1700 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:06:35.0781 1700 Imapi - ok
15:06:35.0859 1700 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
15:06:36.0000 1700 ImapiService - ok
15:06:36.0015 1700 ini910u - ok
15:06:36.0031 1700 IntelIde - ok
15:06:36.0078 1700 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:06:36.0218 1700 intelppm - ok
15:06:36.0234 1700 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
15:06:36.0453 1700 Ip6Fw - ok
15:06:36.0578 1700 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:06:36.0937 1700 IpFilterDriver - ok
15:06:36.0953 1700 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:06:37.0296 1700 IpInIp - ok
15:06:37.0359 1700 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:06:37.0609 1700 IpNat - ok
15:06:37.0687 1700 [ EF1C51222117B37AFBFF8F4642EA8C62 ] iPod Service C:\Programme\iPod\bin\iPodService.exe
15:06:37.0750 1700 iPod Service - ok
15:06:37.0796 1700 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:06:38.0156 1700 IPSec - ok
15:06:38.0187 1700 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:06:38.0406 1700 IRENUM - ok
15:06:38.0437 1700 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:06:38.0578 1700 isapnp - ok
15:06:38.0625 1700 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
15:06:38.0656 1700 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
15:06:38.0656 1700 Iviaspi - detected UnsignedFile.Multi.Generic (1)
15:06:38.0671 1700 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:06:38.0859 1700 Kbdclass - ok
15:06:38.0859 1700 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:06:39.0140 1700 kbdhid - ok
15:06:39.0156 1700 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:06:39.0437 1700 kmixer - ok
15:06:39.0468 1700 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:06:39.0593 1700 KSecDD - ok
15:06:39.0625 1700 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
15:06:39.0703 1700 lanmanserver - ok
15:06:39.0734 1700 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:06:39.0796 1700 lanmanworkstation - ok
15:06:39.0796 1700 lbrtfdc - ok
15:06:39.0937 1700 [ FB466FAA799EACE5075FC1DE269F0066 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
15:06:40.0078 1700 LiveUpdate - ok
15:06:40.0296 1700 [ C837D17DE0B349539AA527EE750EBE2A ] LiveUpdate Notice Service C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
15:06:40.0328 1700 LiveUpdate Notice Service - ok
15:06:40.0406 1700 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:06:40.0609 1700 LmHosts - ok
15:06:40.0703 1700 [ 52404CC76E9D53843BDF97564BB16BED ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
15:06:40.0781 1700 McrdSvc - ok
15:06:40.0812 1700 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:06:40.0890 1700 mdmxsdk - ok
15:06:40.0906 1700 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:06:41.0125 1700 Messenger - ok
15:06:41.0171 1700 [ DED60230E3019C508769EC3C15BCDA44 ] MHN C:\WINDOWS\System32\mhn.dll
15:06:41.0250 1700 MHN ( UnsignedFile.Multi.Generic ) - warning
15:06:41.0250 1700 MHN - detected UnsignedFile.Multi.Generic (1)
15:06:41.0265 1700 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
15:06:41.0312 1700 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
15:06:41.0312 1700 MHNDRV - detected UnsignedFile.Multi.Generic (1)
15:06:41.0437 1700 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
15:06:41.0500 1700 Microsoft Office Groove Audit Service - ok
15:06:41.0500 1700 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:06:41.0750 1700 mnmdd - ok
15:06:41.0781 1700 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:06:42.0000 1700 mnmsrvc - ok
15:06:42.0062 1700 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:06:42.0234 1700 Modem - ok
15:06:42.0265 1700 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:06:42.0484 1700 Mouclass - ok
15:06:42.0515 1700 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:06:42.0734 1700 mouhid - ok
15:06:42.0781 1700 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:06:42.0937 1700 MountMgr - ok
15:06:43.0093 1700 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
15:06:43.0203 1700 MozillaMaintenance - ok
15:06:43.0234 1700 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
15:06:43.0453 1700 MPE - ok
15:06:43.0468 1700 mraid35x - ok
15:06:43.0468 1700 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:06:43.0687 1700 MRxDAV - ok
15:06:43.0750 1700 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:06:43.0859 1700 MRxSmb - ok
15:06:43.0906 1700 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:06:44.0109 1700 MSDTC - ok
15:06:44.0187 1700 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:06:44.0328 1700 Msfs - ok
15:06:44.0328 1700 MSIServer - ok
15:06:44.0390 1700 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:06:44.0578 1700 MSKSSRV - ok
15:06:44.0593 1700 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:06:44.0796 1700 MSPCLOCK - ok
15:06:44.0812 1700 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:06:45.0031 1700 MSPQM - ok
15:06:45.0062 1700 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:06:45.0218 1700 mssmbios - ok
15:06:45.0296 1700 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
15:06:45.0500 1700 MSTEE - ok
15:06:45.0609 1700 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:06:45.0640 1700 Mup - ok
15:06:45.0656 1700 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:06:45.0890 1700 NABTSFEC - ok
15:06:45.0937 1700 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
15:06:46.0250 1700 napagent - ok
15:06:46.0312 1700 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:06:46.0515 1700 NDIS - ok
15:06:46.0625 1700 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:06:46.0875 1700 NdisIP - ok
15:06:46.0921 1700 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:06:47.0046 1700 NdisTapi - ok
15:06:47.0062 1700 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:06:47.0343 1700 Ndisuio - ok
15:06:47.0421 1700 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:06:47.0640 1700 NdisWan - ok
15:06:47.0671 1700 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:06:47.0718 1700 NDProxy - ok
15:06:47.0718 1700 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:06:47.0875 1700 NetBIOS - ok
15:06:47.0906 1700 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:06:48.0125 1700 NetBT - ok
15:06:48.0234 1700 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
15:06:48.0468 1700 NetDDE - ok
15:06:48.0484 1700 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:06:48.0609 1700 NetDDEdsdm - ok
15:06:48.0718 1700 [ 1265EB253ED4EBE4ACB3BD5F548FF796 ] Netdevio C:\WINDOWS\system32\DRIVERS\netdevio.sys
15:06:48.0765 1700 Netdevio ( UnsignedFile.Multi.Generic ) - warning
15:06:48.0765 1700 Netdevio - detected UnsignedFile.Multi.Generic (1)
15:06:48.0796 1700 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:06:48.0937 1700 Netlogon - ok
15:06:49.0015 1700 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
15:06:49.0375 1700 Netman - ok
15:06:49.0453 1700 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:06:49.0531 1700 NetTcpPortSharing - ok
15:06:49.0562 1700 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:06:49.0687 1700 NIC1394 - ok
15:06:49.0750 1700 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
15:06:49.0781 1700 Nla - ok
15:06:49.0812 1700 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:06:49.0953 1700 Npfs - ok
15:06:50.0015 1700 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:06:50.0171 1700 Ntfs - ok
15:06:50.0187 1700 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:06:50.0328 1700 NtLmSsp - ok
15:06:50.0375 1700 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:06:50.0625 1700 NtmsSvc - ok
15:06:50.0656 1700 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
15:06:50.0859 1700 Null - ok
15:06:51.0078 1700 [ E955C80EEB77E809263B9C4443A1D188 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:06:51.0468 1700 nv - ok
15:06:51.0515 1700 [ 5ECB80F1A9E530AEE7574DCAC7068796 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
15:06:51.0640 1700 NVSvc - ok
15:06:51.0671 1700 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:06:51.0859 1700 NwlnkFlt - ok
15:06:51.0906 1700 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:06:52.0140 1700 NwlnkFwd - ok
15:06:52.0312 1700 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
15:06:52.0421 1700 odserv - ok
15:06:52.0500 1700 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:06:52.0640 1700 ohci1394 - ok
15:06:52.0671 1700 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
15:06:52.0765 1700 ose - ok
15:06:52.0859 1700 [ 71CFFB1E06AA8978A7B4A346C191F8BA ] ovt530 C:\WINDOWS\system32\Drivers\ov530vid.sys
15:06:52.0937 1700 ovt530 ( UnsignedFile.Multi.Generic ) - warning
15:06:52.0937 1700 ovt530 - detected UnsignedFile.Multi.Generic (1)
15:06:52.0953 1700 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
15:06:53.0281 1700 Parport - ok
15:06:53.0343 1700 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:06:53.0484 1700 PartMgr - ok
15:06:53.0515 1700 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:06:53.0703 1700 ParVdm - ok
15:06:53.0734 1700 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:06:53.0906 1700 PCI - ok
15:06:53.0906 1700 PCIDump - ok
15:06:53.0921 1700 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:06:54.0093 1700 PCIIde - ok
15:06:54.0109 1700 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:06:54.0234 1700 Pcmcia - ok
15:06:54.0234 1700 PDCOMP - ok
15:06:54.0234 1700 PDFRAME - ok
15:06:54.0250 1700 PDRELI - ok
15:06:54.0250 1700 PDRFRAME - ok
15:06:54.0265 1700 perc2 - ok
15:06:54.0265 1700 perc2hib - ok
15:06:54.0312 1700 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys
15:06:54.0375 1700 Pfc ( UnsignedFile.Multi.Generic ) - warning
15:06:54.0375 1700 Pfc - detected UnsignedFile.Multi.Generic (1)
15:06:54.0406 1700 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
15:06:54.0437 1700 PlugPlay - ok
15:06:54.0453 1700 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:06:54.0593 1700 PolicyAgent - ok
15:06:54.0625 1700 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:06:54.0859 1700 PptpMiniport - ok
15:06:54.0859 1700 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:06:55.0046 1700 ProtectedStorage - ok
15:06:55.0078 1700 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:06:55.0281 1700 PSched - ok
15:06:55.0312 1700 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:06:55.0515 1700 Ptilink - ok
15:06:55.0531 1700 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:06:55.0546 1700 PxHelp20 - ok
15:06:55.0562 1700 [ 7DC7ACA4E775E9D823F5773A2F47A2AC ] qkbfiltr C:\WINDOWS\system32\drivers\qkbfiltr.sys
15:06:55.0625 1700 qkbfiltr ( UnsignedFile.Multi.Generic ) - warning
15:06:55.0625 1700 qkbfiltr - detected UnsignedFile.Multi.Generic (1)
15:06:55.0625 1700 ql1080 - ok
15:06:55.0640 1700 Ql10wnt - ok
15:06:55.0640 1700 ql12160 - ok
15:06:55.0656 1700 ql1240 - ok
15:06:55.0656 1700 ql1280 - ok
15:06:55.0671 1700 [ 8652B9E134C3478BE948BF089DF8ED5E ] qmofiltr C:\WINDOWS\system32\drivers\qmofiltr.sys
15:06:55.0750 1700 qmofiltr ( UnsignedFile.Multi.Generic ) - warning
15:06:55.0750 1700 qmofiltr - detected UnsignedFile.Multi.Generic (1)
15:06:55.0765 1700 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:06:55.0937 1700 RasAcd - ok
15:06:56.0046 1700 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:06:56.0406 1700 RasAuto - ok
15:06:56.0453 1700 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:06:56.0640 1700 Rasl2tp - ok
15:06:56.0687 1700 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:06:56.0875 1700 RasMan - ok
15:06:56.0953 1700 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:06:57.0187 1700 RasPppoe - ok
15:06:57.0265 1700 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:06:57.0484 1700 Raspti - ok
15:06:57.0515 1700 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:06:57.0703 1700 Rdbss - ok
15:06:57.0750 1700 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:06:57.0937 1700 RDPCDD - ok
15:06:57.0968 1700 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:06:58.0156 1700 rdpdr - ok
15:06:58.0281 1700 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:06:58.0359 1700 RDPWD - ok
15:06:58.0390 1700 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:06:58.0593 1700 RDSessMgr - ok
15:06:58.0625 1700 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:06:58.0812 1700 redbook - ok
15:06:58.0828 1700 [ 1B2857EF12D79A9F9ADBA14B0637CBF8 ] RegSrvc C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
15:06:58.0906 1700 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
15:06:58.0906 1700 RegSrvc - detected UnsignedFile.Multi.Generic (1)
15:06:58.0953 1700 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:06:59.0203 1700 RemoteAccess - ok
15:06:59.0234 1700 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:06:59.0453 1700 RemoteRegistry - ok
15:06:59.0484 1700 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
15:06:59.0671 1700 RFCOMM - ok
15:06:59.0687 1700 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
15:06:59.0875 1700 RpcLocator - ok
15:06:59.0968 1700 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:07:00.0062 1700 RpcSs - ok
15:07:00.0109 1700 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:07:00.0375 1700 RSVP - ok
15:07:00.0500 1700 [ 6C5155CC0E805C7BE6028BFF7AC14524 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
15:07:00.0609 1700 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
15:07:00.0609 1700 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
15:07:00.0625 1700 [ 1CC074E0D48383D4E9BFFC6A26C2A58A ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
15:07:00.0687 1700 s24trans ( UnsignedFile.Multi.Generic ) - warning
15:07:00.0687 1700 s24trans - detected UnsignedFile.Multi.Generic (1)
15:07:00.0703 1700 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
15:07:00.0843 1700 SamSs - ok
15:07:00.0875 1700 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:07:01.0156 1700 SCardSvr - ok
15:07:01.0203 1700 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:07:01.0421 1700 Schedule - ok
15:07:01.0453 1700 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
15:07:01.0609 1700 sdbus - ok
15:07:01.0640 1700 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:07:01.0953 1700 Secdrv - ok
15:07:01.0968 1700 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
15:07:02.0250 1700 seclogon - ok
15:07:02.0265 1700 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
15:07:02.0421 1700 SENS - ok
15:07:02.0468 1700 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys
15:07:02.0687 1700 Serial - ok
15:07:02.0781 1700 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
15:07:03.0000 1700 sffdisk - ok
15:07:03.0125 1700 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
15:07:03.0328 1700 sffp_sd - ok
15:07:03.0343 1700 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:07:03.0546 1700 Sfloppy - ok
15:07:03.0609 1700 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:07:03.0859 1700 SharedAccess - ok
15:07:03.0890 1700 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:07:03.0906 1700 ShellHWDetection - ok
15:07:03.0906 1700 Simbad - ok
15:07:03.0953 1700 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
15:07:03.0968 1700 SkypeUpdate - ok
15:07:04.0000 1700 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:07:04.0203 1700 SLIP - ok
15:07:04.0281 1700 [ 6C7F2B518F8A7ABE1C145F26AA48C633 ] SMCB000 C:\WINDOWS\system32\DRIVERS\hidsmsc.sys
15:07:04.0343 1700 SMCB000 - ok
15:07:04.0343 1700 Sparrow - ok
15:07:04.0375 1700 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:07:04.0640 1700 splitter - ok
15:07:04.0703 1700 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:07:04.0734 1700 Spooler - ok
15:07:04.0750 1700 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:07:04.0921 1700 sr - ok
15:07:05.0000 1700 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
15:07:05.0312 1700 srservice - ok
15:07:05.0437 1700 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:07:05.0546 1700 Srv - ok
15:07:05.0562 1700 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:07:05.0765 1700 SSDPSRV - ok
15:07:05.0812 1700 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:07:05.0843 1700 ssmdrv - ok
15:07:05.0906 1700 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:07:06.0171 1700 stisvc - ok
15:07:06.0218 1700 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:07:06.0421 1700 streamip - ok
15:07:06.0500 1700 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:07:06.0906 1700 swenum - ok
15:07:06.0921 1700 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:07:07.0109 1700 swmidi - ok
15:07:07.0109 1700 SwPrv - ok
15:07:07.0125 1700 symc810 - ok
15:07:07.0125 1700 symc8xx - ok
15:07:07.0140 1700 sym_hi - ok
15:07:07.0140 1700 sym_u3 - ok
15:07:07.0187 1700 [ A6CC8C28D5AAD4179EF32F05BED55E91 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:07:07.0296 1700 SynTP - ok
15:07:07.0328 1700 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:07:07.0515 1700 sysaudio - ok
15:07:07.0546 1700 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:07:07.0734 1700 SysmonLog - ok
15:07:07.0781 1700 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:07:08.0000 1700 TapiSrv - ok
15:07:08.0109 1700 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:07:08.0171 1700 Tcpip - ok
15:07:08.0203 1700 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:07:08.0406 1700 TDPIPE - ok
15:07:08.0437 1700 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:07:08.0656 1700 TDTCP - ok
15:07:08.0703 1700 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:07:08.0890 1700 TermDD - ok
15:07:08.0968 1700 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
15:07:09.0187 1700 TermService - ok
15:07:09.0203 1700 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:07:09.0218 1700 Themes - ok
15:07:09.0265 1700 [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
15:07:09.0375 1700 tifm21 - ok
15:07:09.0406 1700 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:07:09.0656 1700 TlntSvr - ok
15:07:09.0656 1700 TosIde - ok
15:07:09.0718 1700 [ CC069342EE0EAE55B32A0AE99CF6185C ] tosrfec C:\WINDOWS\system32\DRIVERS\tosrfec.sys
15:07:09.0765 1700 tosrfec ( UnsignedFile.Multi.Generic ) - warning
15:07:09.0765 1700 tosrfec - detected UnsignedFile.Multi.Generic (1)
15:07:09.0781 1700 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:07:10.0015 1700 TrkWks - ok
15:07:10.0078 1700 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:07:10.0312 1700 Udfs - ok
15:07:10.0312 1700 UIUSys - ok
15:07:10.0312 1700 ultra - ok
15:07:10.0437 1700 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:07:10.0625 1700 Update - ok
15:07:10.0656 1700 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:07:10.0859 1700 upnphost - ok
15:07:10.0890 1700 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
15:07:11.0171 1700 UPS - ok
15:07:11.0203 1700 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
15:07:11.0312 1700 USBAAPL - ok
15:07:11.0359 1700 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:07:11.0531 1700 usbccgp - ok
15:07:11.0609 1700 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:07:11.0796 1700 usbehci - ok
15:07:11.0812 1700 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:07:12.0015 1700 usbhub - ok
15:07:12.0031 1700 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:07:12.0359 1700 usbprint - ok
15:07:12.0375 1700 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:07:12.0562 1700 usbscan - ok
15:07:12.0578 1700 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:07:12.0765 1700 USBSTOR - ok
15:07:12.0765 1700 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:07:12.0984 1700 usbuhci - ok
15:07:13.0015 1700 [ 7FD4FECFA6B8431C7F182F9E1C84784D ] VcomPort C:\WINDOWS\system32\DRIVERS\vcomrico.sys
15:07:13.0093 1700 VcomPort ( UnsignedFile.Multi.Generic ) - warning
15:07:13.0093 1700 VcomPort - detected UnsignedFile.Multi.Generic (1)
15:07:13.0140 1700 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:07:13.0328 1700 VgaSave - ok
15:07:13.0343 1700 ViaIde - ok
15:07:13.0406 1700 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:07:13.0562 1700 VolSnap - ok
15:07:13.0640 1700 [ E4D2305EBB9DE0871A1E13294D0F349B ] vpnagent C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
15:07:13.0750 1700 vpnagent - ok
15:07:13.0781 1700 [ E1F2333A88EC4A5C8EA6BE357323B72D ] vpnva C:\WINDOWS\system32\DRIVERS\vpnva.sys
15:07:13.0859 1700 vpnva - ok
15:07:13.0921 1700 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
15:07:14.0187 1700 VSS - ok
15:07:14.0218 1700 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
15:07:14.0453 1700 W32Time - ok
15:07:14.0593 1700 [ B1F126E7E28877106D60E6FF3998D033 ] w39n51 C:\WINDOWS\system32\DRIVERS\w39n51.sys
15:07:14.0734 1700 w39n51 - ok
15:07:14.0781 1700 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:07:14.0984 1700 Wanarp - ok
15:07:14.0984 1700 WDICA - ok
15:07:15.0015 1700 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:07:15.0343 1700 wdmaud - ok
15:07:15.0390 1700 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:07:15.0625 1700 WebClient - ok
15:07:15.0671 1700 [ E0A00B06EA067C84E124B407DFFA1AF1 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:07:15.0796 1700 winachsf - ok
15:07:15.0875 1700 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:07:16.0062 1700 winmgmt - ok
15:07:16.0109 1700 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
15:07:16.0218 1700 WmdmPmSN - ok
15:07:16.0296 1700 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:07:16.0343 1700 Wmi - ok
15:07:16.0406 1700 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:07:16.0625 1700 WmiAcpi - ok
15:07:16.0718 1700 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:07:17.0000 1700 WmiApSrv - ok
15:07:17.0109 1700 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
15:07:17.0265 1700 WMPNetworkSvc - ok
15:07:17.0312 1700 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:07:17.0421 1700 WpdUsb - ok
15:07:17.0453 1700 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:07:17.0796 1700 WS2IFSL - ok
15:07:17.0859 1700 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:07:18.0062 1700 wscsvc - ok
15:07:18.0109 1700 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:07:18.0296 1700 WSTCODEC - ok
15:07:18.0312 1700 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:07:18.0515 1700 wuauserv - ok
15:07:18.0546 1700 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:07:18.0625 1700 WudfPf - ok
15:07:18.0656 1700 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:07:19.0015 1700 WudfRd - ok
15:07:19.0062 1700 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:07:19.0156 1700 WudfSvc - ok
15:07:19.0203 1700 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:07:19.0468 1700 WZCSVC - ok
15:07:19.0562 1700 [ 81E8DA36CE70858898D5EB81E28A47D2 ] X10Hid C:\WINDOWS\system32\Drivers\x10hid.sys
15:07:19.0671 1700 X10Hid - ok
15:07:19.0703 1700 [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
15:07:19.0765 1700 x10nets ( UnsignedFile.Multi.Generic ) - warning
15:07:19.0765 1700 x10nets - detected UnsignedFile.Multi.Generic (1)
15:07:19.0796 1700 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:07:20.0093 1700 xmlprov - ok
15:07:20.0125 1700 ================ Scan global ===============================
15:07:20.0156 1700 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
15:07:20.0250 1700 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
15:07:20.0265 1700 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
15:07:20.0296 1700 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
15:07:20.0296 1700 [Global] - ok
15:07:20.0296 1700 ================ Scan MBR ==================================
15:07:20.0312 1700 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:07:20.0671 1700 \Device\Harddisk0\DR0 - ok
15:07:20.0671 1700 ================ Scan VBR ==================================
15:07:20.0671 1700 [ F461E5580FA3D954BB6FD46142113E20 ] \Device\Harddisk0\DR0\Partition1
15:07:20.0671 1700 \Device\Harddisk0\DR0\Partition1 - ok
15:07:20.0671 1700 ============================================================
15:07:20.0671 1700 Scan finished
15:07:20.0671 1700 ============================================================
15:07:20.0796 0548 Detected object count: 31
15:07:20.0796 0548 Actual detected object count: 31
15:08:08.0265 0548 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0265 0548 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0265 0548 BDA_Capture_220 ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0265 0548 BDA_Capture_220 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0265 0548 BDA_Loader_220 ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0265 0548 BDA_Loader_220 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0265 0548 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0265 0548 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0265 0548 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0265 0548 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0281 0548 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0281 0548 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0281 0548 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0281 0548 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0281 0548 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0281 0548 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0281 0548 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0281 0548 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0281 0548 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0281 0548 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0296 0548 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0296 0548 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0296 0548 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0296 0548 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0296 0548 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0296 0548 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0296 0548 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0296 0548 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0296 0548 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0296 0548 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0296 0548 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0296 0548 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0296 0548 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0296 0548 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0296 0548 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0296 0548 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0312 0548 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0312 0548 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0312 0548 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0312 0548 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0312 0548 Netdevio ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0312 0548 Netdevio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0312 0548 ovt530 ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0312 0548 ovt530 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0312 0548 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0312 0548 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0328 0548 qkbfiltr ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0328 0548 qkbfiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0328 0548 qmofiltr ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0328 0548 qmofiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0328 0548 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0328 0548 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0328 0548 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0328 0548 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0328 0548 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0328 0548 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0343 0548 tosrfec ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0343 0548 tosrfec ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0343 0548 VcomPort ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0343 0548 VcomPort ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:08.0343 0548 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
15:08:08.0343 0548 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:09:01.0609 2460 Deinitialize success

2. eset:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6de680ff76e7484cb9ac46ebc2e18f0b
# engine=13145
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-13 06:15:53
# local_time=2013-02-13 07:15:53 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1799 16775165 100 100 34002 226202643 26643 0
# scanned=148645
# found=4
# cleaned=0
# scan_time=14474
sh=EF50E9B48CA05EC1423DD9C858738A2971BFB8A8 ft=1 fh=5f4591e8147a9bfd vn="Win32/StartPage.OIE trojan" ac=I fn="C:\Dokumente und Einstellungen\Janna\Eigene Dateien\Downloads\vlc-1.1.11-win32.exe"
sh=EF50E9B48CA05EC1423DD9C858738A2971BFB8A8 ft=1 fh=5f4591e8147a9bfd vn="Win32/StartPage.OIE trojan" ac=I fn="F:\System Volume Information\_restore{DD0FF237-AD14-4090-B42A-4C4F2C77CAA7}\RP1155\A0103641.exe"
sh=EF50E9B48CA05EC1423DD9C858738A2971BFB8A8 ft=1 fh=5f4591e8147a9bfd vn="Win32/StartPage.OIE trojan" ac=I fn="F:\Backup 29.11.11\Downloads\vlc-1.1.11-win32.exe"
sh=EF50E9B48CA05EC1423DD9C858738A2971BFB8A8 ft=1 fh=5f4591e8147a9bfd vn="Win32/StartPage.OIE trojan" ac=I fn="F:\Backup 03.02.13\Downloads\vlc-1.1.11-win32.exe"

3. security check:

Results of screen317's Security Check version 0.99.57
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.70.0.1100
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.5.502.149
Adobe Reader 10.1.5 Adobe Reader out of Date!
Mozilla Firefox (18.0.2)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

LG, Janna