Google-Webseite von Virus blockiert?

Elfaron · 23.09.2011, 18:24

Hallo zusammen,

ich habe mich gerade erst hier registriert und sage lieber sofort am Anfang, dass ich absolut keine Ahnung von Computern habe

Mein Problem ist folgendes:

Seit etwa einem Monat funktioniert google.de bei mir immer weniger.

Zuerst wurde man nur manchmal auf eine falsche Seite weitergeleitet.
(z.B. gebe ich amazon.de ein und lande auf preisvergleich.de)

Dann wurden keine Bilder mehr angezeigt.

Und seit etwa einer Woche kann man bei google.de nichts mehr suchen. Ich gebe etwas in die Suchmaske ein und nichts passiert.

Ich habe schon das halbe Internet nach einer Lösung durchforstet und bin dann schließlich hier gelandet.

Auch habe ich den Eindruck, dass der Internet Explorer extrem langsam arbeitet. Manchmal hängt er sich bei drei geöffneten Registerkarten schon auf.
Auch kann ich unter Extras die Internetoptionen nicht mehr auswählen, außer ich habe den IE 5mal wieder geschlossen und geöffnet.

Gestern habe ich mir Malwarebytes runtergeladen und den PC gescannt. Dabei wurden 7 infizierte Registrierungsschlüssel, sowie eine infizierte Datei gefunden. Die Trojaner habe ich gelöscht, aber google.de funktioniert trotzdem nicht...

Hier einmal das Protokoll:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7772

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

22.09.2011 19:03:46
mbam-log-2011-09-22 (19-03-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 322558
Laufzeit: 1 Stunde(n), 40 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\system volume information\_restore{5abb79ca-d9f0-4440-85c9-2e56beee1136}\RP727\A0102712.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

Ich hoffe jemand kann mir bei meinem Problem helfen. Vielen Dank!

Gruß Elfaron

cosinus · 23.09.2011, 20:56

Führ bitte auch ESET aus, danach sehen wir weiter:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Elfaron · 25.09.2011, 09:27

Wenn ich versuche das ActiveX Element zu installieren, kommt danach nur ein rotes Kreuz oben links in der Ecke.

cosinus · 26.09.2011, 10:15

Dann versuch es mit dem Firefox

Elfaron · 26.09.2011, 15:37

Danke, mit Firefox hat es geklappt:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=05b0002c885b8244888a7fe0ac39a74a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-26 01:55:30
# local_time=2011-09-26 03:55:30 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 219 219 0 0
# scanned=97104
# found=2
# cleaned=0
# scan_time=5830
C:\WINDOWS\system32\shgina32.dll a variant of Win32/Spy.Agent.NTN trojan (unable to clean) 00000000000000000000000000000000 I
${Memory} a variant of Win32/Spy.Agent.NTN trojan 00000000000000000000000000000000 I

cosinus · 26.09.2011, 16:23

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Elfaron · 26.09.2011, 18:09

So, hier die Daten von OTL:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 26.09.2011 18:32:22 - Run 1
OTL by OldTimer - Version 3.2.29.1     Folder = C:\Dokumente und Einstellungen\Jan\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1023,48 Mb Total Physical Memory | 445,46 Mb Available Physical Memory | 43,52% Memory free
2,40 Gb Paging File | 1,88 Gb Available in Paging File | 78,02% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 185,55 Gb Total Space | 113,92 Gb Free Space | 61,39% Space Free | Partition Type: NTFS
Drive E: | 54,69 Gb Total Space | 54,62 Gb Free Space | 99,88% Space Free | Partition Type: NTFS
Drive F: | 57,84 Gb Total Space | 57,78 Gb Free Space | 99,89% Space Free | Partition Type: NTFS
 
Computer Name: PRIVAT1 | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.09.26 18:30:14 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jan\Eigene Dateien\Downloads\OTL.exe
PRC - [2011.09.03 08:18:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.06.15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008.10.01 13:06:14 | 000,116,040 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.12.05 13:15:42 | 000,026,112 | ---- | M] () -- C:\Programme\Steganos Safe Home\SteganosAgent.exe
PRC - [2006.12.05 13:15:42 | 000,025,088 | ---- | M] () -- C:\Programme\Steganos Safe Home\SteganosHotKeyService.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2003.02.18 19:00:36 | 000,212,992 | ---- | M] (Ahead Software AG) -- C:\Programme\Ahead\NeroNET\nnservicectrl.exe
PRC - [2003.02.18 19:00:28 | 001,028,096 | ---- | M] (Ahead Software AG) -- C:\Programme\Ahead\NeroNET\neronet.exe
PRC - [2002.10.30 11:40:34 | 000,028,672 | R--- | M] () -- C:\WINDOWS\htpatch.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.03 08:18:05 | 001,846,232 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2009.02.27 17:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2008.10.23 18:45:04 | 000,019,456 | ---- | M] () -- C:\WINDOWS\system32\shgina32.dll
MOD - [2006.12.05 13:15:42 | 000,026,112 | ---- | M] () -- C:\Programme\Steganos Safe Home\SteganosAgent.exe
MOD - [2006.12.05 13:15:42 | 000,025,088 | ---- | M] () -- C:\Programme\Steganos Safe Home\SteganosHotKeyService.exe
MOD - [2006.11.08 15:19:34 | 000,143,360 | ---- | M] () -- C:\Programme\Steganos Safe Home\ShellExtension.dll
MOD - [2006.08.21 13:37:44 | 000,090,112 | ---- | M] () -- C:\Programme\Steganos Safe Home\lib\_ctypes.pyd
MOD - [2006.02.08 13:08:00 | 000,122,880 | ---- | M] () -- C:\Programme\Steganos Safe Home\lib\winxpgui.pyd
MOD - [2006.02.08 13:08:00 | 000,106,496 | ---- | M] () -- C:\Programme\Steganos Safe Home\lib\win32gui.pyd
MOD - [2006.02.08 13:08:00 | 000,073,728 | ---- | M] () -- C:\Programme\Steganos Safe Home\lib\win32api.pyd
MOD - [2006.02.08 13:08:00 | 000,014,848 | ---- | M] () -- C:\Programme\Steganos Safe Home\lib\win32event.pyd
MOD - [2006.02.06 13:41:28 | 000,102,400 | ---- | M] () -- C:\Programme\Steganos Safe Home\lib\pywintypes24.dll
MOD - [2005.10.20 11:36:08 | 000,077,824 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005.10.20 11:36:08 | 000,065,536 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2005.09.28 13:41:22 | 000,135,168 | ---- | M] () -- C:\Programme\Steganos Safe Home\lib\pyexpat.pyd
MOD - [2005.09.28 13:41:20 | 000,069,632 | ---- | M] () -- C:\Programme\Steganos Safe Home\lib\zlib.pyd
MOD - [2005.09.28 13:41:14 | 001,867,776 | ---- | M] () -- C:\Programme\Steganos Safe Home\python24.dll
MOD - [2005.03.28 11:48:54 | 000,315,392 | ---- | M] () -- C:\Programme\Steganos Safe Home\lib\_imaging.pyd
MOD - [2003.01.14 11:16:44 | 001,163,337 | ---- | M] () -- C:\Programme\Ahead\NeroNET\ace.dll
MOD - [2002.10.30 11:40:34 | 000,028,672 | R--- | M] () -- C:\WINDOWS\htpatch.exe
MOD - [2001.08.22 16:25:18 | 000,712,704 | ---- | M] () -- C:\Programme\Ahead\NeroNET\xslt.dll
MOD - [2001.08.22 16:25:18 | 000,458,752 | ---- | M] () -- C:\Programme\Ahead\NeroNET\xpath.dll
MOD - [2001.08.22 16:25:18 | 000,212,992 | ---- | M] () -- C:\Programme\Ahead\NeroNET\xercesparserliaison.dll
MOD - [2001.08.22 16:25:18 | 000,208,896 | ---- | M] () -- C:\Programme\Ahead\NeroNET\platformsupport.dll
MOD - [2001.08.22 16:25:18 | 000,155,648 | ---- | M] () -- C:\Programme\Ahead\NeroNET\xmlsupport.dll
MOD - [2001.08.22 16:25:18 | 000,131,072 | ---- | M] () -- C:\Programme\Ahead\NeroNET\xalansourcetree.dll
MOD - [2001.08.22 16:25:18 | 000,049,152 | ---- | M] () -- C:\Programme\Ahead\NeroNET\xalandom.dll
MOD - [2001.08.22 16:25:18 | 000,049,152 | ---- | M] () -- C:\Programme\Ahead\NeroNET\domsupport.dll
MOD - [2001.08.22 16:25:18 | 000,036,864 | ---- | M] () -- C:\Programme\Ahead\NeroNET\xalantransformer.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (JavaQuickStarterService)
SRV - File not found [On_Demand | Stopped] --  -- (iPod Service)
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008.10.01 13:06:14 | 000,116,040 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008.08.29 10:00:30 | 000,033,752 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [2003.02.18 19:00:28 | 001,028,096 | ---- | M] (Ahead Software AG) [Auto | Running] -- C:\Programme\Ahead\NeroNET\NeroNET.exe -- (NeroNET)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.09.26 16:47:56 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{5C29B0C6-8933-4105-98A0-E548AB483949}\MpKsl0988ce07.sys -- (MpKsl0988ce07)
DRV - [2008.04.13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006.11.08 15:19:24 | 000,072,480 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sleen14.sys -- (SLEE_14_DRIVER)
DRV - [2002.10.31 05:58:42 | 000,030,848 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002.07.10 17:39:34 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2001.08.17 14:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.youtube.com/
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.08.31 18:18:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.09.26 18:18:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2011.09.26 18:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Mozilla\Extensions
[2011.09.26 18:18:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.09.03 20:15:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.09.03 08:18:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.09.03 02:19:44 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.03 02:13:56 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.09.03 02:19:44 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.03 02:19:44 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.03 02:19:44 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.03 02:19:44 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll File not found
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [Device Detection] C:\Programme\fotokasten comfort\dd.exe File not found
O4 - HKLM..\Run: [HTpatch] C:\WINDOWS\htpatch.exe ()
O4 - HKLM..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" File not found
O4 - HKLM..\Run: [MSC] c:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NeroNETTrayIcon] C:\Programme\Ahead\NeroNET\nnservicectrl.exe (Ahead Software AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime File not found
O4 - HKLM..\Run: [SAFEHOME Agent] C:\Programme\Steganos Safe Home\SteganosAgent.exe ()
O4 - HKLM..\Run: [SAFEHOME HotKeys] C:\Programme\Steganos Safe Home\SteganosHotKeyService.exe ()
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91CDB487-B060-42BC-B63D-2F87AFF0F185}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Jan\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Jan\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.21 16:48:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.07.16 16:41:46 | 000,465,920 | ---- | M] () - F:\Autos Tankdateien und Ausgaben.xls -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt -  File not found
NetSvcs: HidServ -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
 
SafeBootMin: AppMgmt -  File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MsMpSvc - c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt -  File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MsMpSvc - c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package - 
 
Drivers32: MSACM.CEGSM - C:\WINDOWS\System32\mobileV.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.26 18:18:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Mozilla
[2011.09.26 18:18:09 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2011.09.26 16:48:28 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.09.26 14:13:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jan\Eigene Dateien\Downloads
[2011.09.26 14:11:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jan\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2011.09.22 17:21:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Malwarebytes
[2011.09.22 17:18:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.09.22 17:18:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.09.22 17:18:27 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.09.22 17:18:27 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2011.09.19 15:03:19 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Jan\Eigene Dateien\Eigene Musik
[2011.09.19 15:03:18 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Jan\Eigene Dateien\Eigene Bilder
[2011.09.19 14:57:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.09.18 09:55:39 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2011.09.17 19:33:10 | 000,000,000 | ---D | C] -- C:\Programme\Windows Defender
[2011.09.17 19:13:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jan\Lokale Einstellungen\Anwendungsdaten\NPE
[2011.09.17 18:56:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2011.09.17 18:56:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec
[2011.09.17 18:56:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
[2011.09.17 11:26:24 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Jan\Eigene Dateien
[2011.09.17 11:21:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jan\Desktop\Jan
[2011.09.17 11:16:20 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Jan\Favoriten
[2011.09.17 11:16:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jan\Desktop
[2011.09.17 11:06:44 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Jan\Cookies
[2011.09.17 11:00:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jan\ElsterFormular
[2011.09.17 11:00:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jan\Application Data
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.26 18:32:30 | 000,000,382 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011.09.26 18:32:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{CADBD029-0112-47AA-8330-1609ED782BE0}.job
[2011.09.26 18:28:00 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1010.job
[2011.09.26 18:28:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1010.job
[2011.09.26 18:18:15 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2011.09.26 18:16:06 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.26 18:01:22 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.09.26 16:53:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.26 16:48:28 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.09.26 16:48:10 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2011.09.26 16:48:10 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2011.09.26 16:47:40 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.09.26 16:47:37 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.26 16:47:28 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1004.job
[2011.09.26 16:47:27 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1009.job
[2011.09.26 16:47:27 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1011.job
[2011.09.26 16:47:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.26 16:47:17 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.26 16:47:17 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.09.26 16:42:39 | 000,000,038 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2011.09.22 19:08:35 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1004.job
[2011.09.22 17:18:33 | 000,000,624 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.19 15:39:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.09.18 09:56:58 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011.09.17 19:20:05 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\SMRBackup210.dat
[2011.09.17 13:19:59 | 000,681,040 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.09.17 13:19:59 | 000,627,618 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.09.17 13:19:59 | 000,179,338 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.09.17 13:19:59 | 000,146,484 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.09.17 11:22:36 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Jan\Desktop\Arbeitsplatz.lnk
[2011.09.17 10:55:27 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1011.job
[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.09.26 18:18:15 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2011.09.26 18:18:15 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2011.09.22 17:18:33 | 000,000,624 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.19 15:03:26 | 000,000,783 | ---- | C] () -- C:\Dokumente und Einstellungen\Jan\Startmenü\Programme\Internet Explorer.lnk
[2011.09.18 10:01:25 | 000,000,416 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.09.18 10:01:24 | 000,000,382 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011.09.18 09:55:49 | 000,001,652 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Security Essentials.lnk
[2011.09.17 21:51:18 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011.09.17 19:49:46 | 000,001,085 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Defender.lnk
[2011.09.17 19:20:05 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\SMRBackup210.dat
[2011.09.17 11:22:35 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Jan\Desktop\Arbeitsplatz.lnk
[2011.09.17 11:02:53 | 000,001,044 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.07.16 15:54:07 | 000,161,808 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.06.24 15:30:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010.11.12 19:34:39 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.11.12 19:34:38 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.11.12 19:34:38 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.07.10 00:38:00 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009.11.08 13:51:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\msftscc.ini
[2009.08.31 17:31:31 | 000,006,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Jan\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.23 18:45:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\shgina32.dll
[2008.09.15 17:10:57 | 000,000,009 | ---- | C] () -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\mdb.bin
[2008.04.15 17:22:21 | 000,105,302 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2007.12.08 16:00:34 | 000,000,921 | ---- | C] () -- C:\WINDOWS\banania.ini
[2007.10.30 13:26:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2007.10.14 16:41:53 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.10.14 16:40:18 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\NMOCOD.DLL
[2007.10.14 16:40:18 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\INETWH32.DLL
[2007.10.14 16:32:15 | 000,000,099 | ---- | C] () -- C:\WINDOWS\DYAHTZEE.INI
[2007.09.14 19:36:12 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
[2007.09.14 19:36:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\gksl_ger.dll
[2007.07.18 10:39:51 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.02.27 20:37:26 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007.02.27 20:24:35 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007.02.27 20:20:08 | 000,128,778 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2007.02.24 14:16:03 | 000,003,038 | ---- | C] () -- C:\WINDOWS\tm.ini
[2007.01.21 18:19:58 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2007.01.21 18:19:58 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2007.01.21 18:19:54 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2007.01.21 18:19:54 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2007.01.21 18:19:50 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2007.01.21 18:19:50 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2007.01.21 18:19:50 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2007.01.21 18:19:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2007.01.21 18:19:14 | 000,028,672 | R--- | C] () -- C:\WINDOWS\htpatch.exe
[2007.01.21 18:19:14 | 000,003,072 | R--- | C] () -- C:\WINDOWS\winio.sys
[2007.01.21 18:18:19 | 000,002,140 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.01.21 18:18:17 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.01.21 17:23:15 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.01.21 16:50:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.01.21 16:45:26 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.01.21 16:39:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.01.21 16:37:59 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.05.05 12:25:27 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2004.08.04 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.04 14:00:00 | 000,681,040 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.08.04 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.04 14:00:00 | 000,627,618 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.04 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.04 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.08.04 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.04 14:00:00 | 000,179,338 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.08.04 14:00:00 | 000,146,484 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.04 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.04 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.08.04 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.04 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.04 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.04 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.04 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003.07.10 21:45:46 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003.07.10 21:45:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2003.07.10 21:45:46 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2003.07.10 21:45:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\AegisI2.exe
[2003.07.10 21:45:46 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AegisI4b.exe
[2001.07.07 04:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[2000.02.28 16:26:02 | 000,092,660 | ---- | C] () -- C:\WINDOWS\System32\bass.dll
[1998.05.20 15:17:12 | 000,280,064 | ---- | C] () -- C:\WINDOWS\System32\CNCS232.DLL
 
========== LOP Check ==========
 
[2011.05.15 09:53:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2008.08.16 10:38:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\ICQ Toolbar
[2009.04.29 13:04:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Image Zone Express
[2009.04.29 12:59:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Printer Info Cache
[2009.03.26 15:00:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\VirtuelleProbefahrt
[2011.09.26 18:01:22 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011.09.26 18:32:30 | 000,000,382 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2011.09.26 18:32:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{CADBD029-0112-47AA-8330-1609ED782BE0}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2008.08.26 17:01:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Adobe
[2009.05.30 16:32:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Apple Computer
[2009.04.19 19:56:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\CyberLink
[2009.03.02 16:32:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Google
[2008.08.16 10:53:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\HP
[2009.12.14 14:51:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\HpUpdate
[2008.08.16 10:38:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\ICQ Toolbar
[2008.08.16 10:32:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Identities
[2009.04.29 13:04:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Image Zone Express
[2008.10.20 16:44:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Macromedia
[2011.09.22 17:21:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Malwarebytes
[2011.04.30 11:29:05 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Microsoft
[2011.09.26 18:27:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Mozilla
[2009.04.29 12:59:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Printer Info Cache
[2008.10.23 16:53:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Real
[2008.08.17 18:21:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\Sun
[2009.03.26 15:00:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\VirtuelleProbefahrt
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
[2007.01.21 18:41:42 | 023,067,984 | ---- | M] (                            ) -- C:\AdbeRdr80_de_DE.exe
 
 
< MD5 for: AGP440.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.08.22 17:50:40 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.08.22 17:50:40 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.08.22 17:50:40 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.08.22 17:50:40 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004.08.04 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2007.03.08 17:48:39 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2007.01.21 17:37:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.01.21 17:37:10 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.01.21 17:37:09 | 000,409,600 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >

--- --- ---

cosinus · 26.09.2011, 19:49

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll File not found
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O4 - HKLM..\Run: []  File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.21 16:48:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.07.16 16:41:46 | 000,465,920 | ---- | M] () - F:\Autos Tankdateien und Ausgaben.xls -- [ NTFS ]
[2008.10.23 18:45:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\shgina32.dll
[2008.08.16 10:38:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\ICQ Toolbar
:Commands
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Elfaron · 27.09.2011, 13:58

So hier dann die Daten:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
F:\Autos Tankdateien und Ausgaben.xls moved successfully.
C:\WINDOWS\system32\shgina32.dll moved successfully.
C:\Dokumente und Einstellungen\Jan\Anwendungsdaten\ICQ Toolbar folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes

User: Ines
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 54460406 bytes
->Java cache emptied: 37680939 bytes
->Flash cache emptied: 35449 bytes

User: Jan
->Temp folder emptied: 37208274 bytes
->Temporary Internet Files folder emptied: 139924625 bytes
->Java cache emptied: 83806450 bytes
->FireFox cache emptied: 17205795 bytes
->Flash cache emptied: 470 bytes

User: Jan.PRIVAT1
->Temp folder emptied: 5037245 bytes
->Temporary Internet Files folder emptied: 151043777 bytes
->Flash cache emptied: 487 bytes

User: Jürgen
->Temp folder emptied: 4399250 bytes
->Temporary Internet Files folder emptied: 35487790 bytes
->Java cache emptied: 49183002 bytes
->Flash cache emptied: 1056 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 3034747 bytes

User: NetworkService
->Temp folder emptied: 48956 bytes
->Temporary Internet Files folder emptied: 40085242 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134333 bytes
%systemroot%\System32 .tmp files removed: 3095907 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1565738 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 635,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.29.1 log created on 09272011_145157

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

cosinus · 27.09.2011, 14:46

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )

Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!

Elfaron · 27.09.2011, 15:03

Hier das Log:

15:57:04.0062 3176 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
15:57:04.0203 3176 ============================================================
15:57:04.0203 3176 Current date / time: 2011/09/27 15:57:04.0203
15:57:04.0203 3176 SystemInfo:
15:57:04.0203 3176
15:57:04.0203 3176 OS Version: 5.1.2600 ServicePack: 3.0
15:57:04.0203 3176 Product type: Workstation
15:57:04.0203 3176 ComputerName: PRIVAT1
15:57:04.0203 3176 UserName: Jan
15:57:04.0203 3176 Windows directory: C:\WINDOWS
15:57:04.0203 3176 System windows directory: C:\WINDOWS
15:57:04.0203 3176 Processor architecture: Intel x86
15:57:04.0203 3176 Number of processors: 1
15:57:04.0203 3176 Page size: 0x1000
15:57:04.0203 3176 Boot type: Normal boot
15:57:04.0203 3176 ============================================================
15:57:08.0609 3176 Initialize success
15:58:07.0718 3888 ============================================================
15:58:07.0718 3888 Scan started
15:58:07.0718 3888 Mode: Manual;
15:58:07.0718 3888 ============================================================
15:58:08.0828 3888 Abiosdsk - ok
15:58:08.0859 3888 abp480n5 - ok
15:58:08.0937 3888 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:58:08.0937 3888 ACPI - ok
15:58:09.0015 3888 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:58:09.0015 3888 ACPIEC - ok
15:58:09.0062 3888 adpu160m - ok
15:58:09.0109 3888 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:58:09.0125 3888 aec - ok
15:58:09.0187 3888 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
15:58:09.0187 3888 AFD - ok
15:58:09.0218 3888 Aha154x - ok
15:58:09.0250 3888 aic78u2 - ok
15:58:09.0296 3888 aic78xx - ok
15:58:09.0343 3888 AliIde - ok
15:58:09.0406 3888 AmdK7 (3a0dafac778236559c14c7203fb550eb) C:\WINDOWS\system32\DRIVERS\amdk7.sys
15:58:09.0406 3888 AmdK7 - ok
15:58:09.0437 3888 amsint - ok
15:58:09.0484 3888 asc - ok
15:58:09.0515 3888 asc3350p - ok
15:58:09.0546 3888 asc3550 - ok
15:58:09.0609 3888 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:58:09.0609 3888 AsyncMac - ok
15:58:09.0671 3888 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:58:09.0671 3888 atapi - ok
15:58:09.0703 3888 Atdisk - ok
15:58:09.0781 3888 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:58:09.0781 3888 Atmarpc - ok
15:58:09.0843 3888 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:58:09.0843 3888 audstub - ok
15:58:09.0890 3888 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:58:09.0890 3888 Beep - ok
15:58:09.0968 3888 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:58:09.0984 3888 cbidf2k - ok
15:58:10.0000 3888 cd20xrnt - ok
15:58:10.0046 3888 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:58:10.0046 3888 Cdaudio - ok
15:58:10.0125 3888 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:58:10.0125 3888 Cdfs - ok
15:58:10.0156 3888 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:58:10.0156 3888 Cdrom - ok
15:58:10.0203 3888 Changer - ok
15:58:10.0265 3888 CmdIde - ok
15:58:10.0343 3888 cmuda (c9acb382326b55748b2fc38b8a6a0759) C:\WINDOWS\system32\drivers\cmuda.sys
15:58:10.0375 3888 cmuda - ok
15:58:10.0437 3888 Cpqarray - ok
15:58:10.0484 3888 dac2w2k - ok
15:58:10.0515 3888 dac960nt - ok
15:58:10.0562 3888 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:58:10.0562 3888 Disk - ok
15:58:10.0640 3888 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
15:58:10.0656 3888 dmboot - ok
15:58:10.0718 3888 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
15:58:10.0718 3888 dmio - ok
15:58:10.0765 3888 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:58:10.0765 3888 dmload - ok
15:58:10.0828 3888 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:58:10.0828 3888 DMusic - ok
15:58:10.0875 3888 dpti2o - ok
15:58:10.0937 3888 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:58:10.0937 3888 drmkaud - ok
15:58:10.0968 3888 DT154_A02 - ok
15:58:11.0078 3888 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:58:11.0093 3888 Fastfat - ok
15:58:11.0156 3888 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:58:11.0156 3888 Fdc - ok
15:58:11.0203 3888 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
15:58:11.0203 3888 Fips - ok
15:58:11.0234 3888 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:58:11.0234 3888 Flpydisk - ok
15:58:11.0312 3888 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:58:11.0312 3888 FltMgr - ok
15:58:11.0343 3888 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:58:11.0359 3888 Fs_Rec - ok
15:58:11.0375 3888 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:58:11.0390 3888 Ftdisk - ok
15:58:11.0421 3888 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
15:58:11.0421 3888 gagp30kx - ok
15:58:11.0468 3888 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
15:58:11.0484 3888 gameenum - ok
15:58:11.0515 3888 GEARAspiWDM - ok
15:58:11.0562 3888 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:58:11.0562 3888 Gpc - ok
15:58:11.0656 3888 hidgame (923ee4eef2582909a056904ca8026015) C:\WINDOWS\system32\DRIVERS\hidgame.sys
15:58:11.0656 3888 hidgame - ok
15:58:11.0734 3888 hpn - ok
15:58:11.0828 3888 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
15:58:11.0828 3888 HPZid412 - ok
15:58:11.0859 3888 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
15:58:11.0875 3888 HPZipr12 - ok
15:58:11.0937 3888 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
15:58:11.0953 3888 HPZius12 - ok
15:58:12.0031 3888 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:58:12.0046 3888 HTTP - ok
15:58:12.0078 3888 i2omgmt - ok
15:58:12.0125 3888 i2omp - ok
15:58:12.0171 3888 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:58:12.0187 3888 i8042prt - ok
15:58:12.0218 3888 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:58:12.0218 3888 Imapi - ok
15:58:12.0265 3888 ini910u - ok
15:58:12.0296 3888 IntelIde - ok
15:58:12.0359 3888 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:58:12.0375 3888 Ip6Fw - ok
15:58:12.0421 3888 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:58:12.0421 3888 IpFilterDriver - ok
15:58:12.0453 3888 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:58:12.0468 3888 IpInIp - ok
15:58:12.0718 3888 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:58:12.0734 3888 IpNat - ok
15:58:12.0890 3888 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:58:12.0890 3888 IPSec - ok
15:58:12.0937 3888 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:58:12.0937 3888 IRENUM - ok
15:58:13.0000 3888 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:58:13.0015 3888 isapnp - ok
15:58:13.0062 3888 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:58:13.0078 3888 Kbdclass - ok
15:58:13.0109 3888 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:58:13.0109 3888 kmixer - ok
15:58:13.0171 3888 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:58:13.0171 3888 KSecDD - ok
15:58:13.0218 3888 lbrtfdc - ok
15:58:13.0312 3888 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:58:13.0312 3888 mnmdd - ok
15:58:13.0375 3888 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
15:58:13.0375 3888 Modem - ok
15:58:13.0421 3888 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:58:13.0421 3888 Mouclass - ok
15:58:13.0468 3888 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:58:13.0468 3888 MountMgr - ok
15:58:13.0546 3888 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
15:58:13.0546 3888 MpFilter - ok
15:58:13.0656 3888 MpKslb64fdd7d (5f53edfead46fa7adb78eee9ecce8fdf) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D28B6866-7D4B-4535-92ED-855B702674B6}\MpKslb64fdd7d.sys
15:58:13.0656 3888 MpKslb64fdd7d - ok
15:58:13.0687 3888 mraid35x - ok
15:58:13.0750 3888 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:58:13.0750 3888 MRxDAV - ok
15:58:13.0812 3888 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:58:13.0843 3888 MRxSmb - ok
15:58:13.0890 3888 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:58:13.0890 3888 Msfs - ok
15:58:13.0937 3888 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:58:13.0953 3888 MSKSSRV - ok
15:58:13.0984 3888 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:58:14.0015 3888 MSPCLOCK - ok
15:58:14.0046 3888 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:58:14.0046 3888 MSPQM - ok
15:58:14.0125 3888 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:58:14.0125 3888 mssmbios - ok
15:58:14.0156 3888 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:58:14.0156 3888 Mup - ok
15:58:14.0234 3888 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:58:14.0234 3888 NDIS - ok
15:58:14.0281 3888 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:58:14.0296 3888 NdisTapi - ok
15:58:14.0343 3888 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:58:14.0343 3888 Ndisuio - ok
15:58:14.0390 3888 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:58:14.0390 3888 NdisWan - ok
15:58:14.0437 3888 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:58:14.0437 3888 NDProxy - ok
15:58:14.0500 3888 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:58:14.0500 3888 NetBIOS - ok
15:58:14.0531 3888 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:58:14.0546 3888 NetBT - ok
15:58:14.0609 3888 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:58:14.0609 3888 Npfs - ok
15:58:14.0671 3888 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:58:14.0687 3888 Ntfs - ok
15:58:14.0750 3888 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:58:14.0750 3888 Null - ok
15:58:15.0078 3888 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:58:15.0312 3888 nv - ok
15:58:15.0375 3888 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:58:15.0375 3888 NwlnkFlt - ok
15:58:15.0421 3888 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:58:15.0421 3888 NwlnkFwd - ok
15:58:15.0500 3888 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
15:58:15.0500 3888 Parport - ok
15:58:15.0531 3888 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:58:15.0531 3888 PartMgr - ok
15:58:15.0593 3888 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:58:15.0593 3888 ParVdm - ok
15:58:15.0656 3888 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
15:58:15.0656 3888 PCI - ok
15:58:15.0718 3888 PCIDump - ok
15:58:15.0781 3888 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:58:15.0781 3888 PCIIde - ok
15:58:15.0859 3888 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:58:15.0859 3888 Pcmcia - ok
15:58:15.0890 3888 PDCOMP - ok
15:58:15.0937 3888 PDFRAME - ok
15:58:15.0984 3888 PDRELI - ok
15:58:16.0000 3888 PDRFRAME - ok
15:58:16.0046 3888 perc2 - ok
15:58:16.0078 3888 perc2hib - ok
15:58:16.0203 3888 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:58:16.0203 3888 PptpMiniport - ok
15:58:16.0234 3888 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:58:16.0234 3888 PSched - ok
15:58:16.0312 3888 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:58:16.0312 3888 Ptilink - ok
15:58:16.0406 3888 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:58:16.0406 3888 PxHelp20 - ok
15:58:16.0437 3888 ql1080 - ok
15:58:16.0468 3888 Ql10wnt - ok
15:58:16.0500 3888 ql12160 - ok
15:58:16.0531 3888 ql1240 - ok
15:58:16.0562 3888 ql1280 - ok
15:58:16.0625 3888 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:58:16.0625 3888 RasAcd - ok
15:58:16.0703 3888 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:58:16.0703 3888 Rasl2tp - ok
15:58:16.0750 3888 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:58:16.0750 3888 RasPppoe - ok
15:58:16.0796 3888 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:58:16.0796 3888 Raspti - ok
15:58:16.0859 3888 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:58:16.0875 3888 Rdbss - ok
15:58:16.0906 3888 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:58:16.0906 3888 RDPCDD - ok
15:58:16.0984 3888 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
15:58:17.0000 3888 RDPWD - ok
15:58:17.0062 3888 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:58:17.0062 3888 redbook - ok
15:58:17.0203 3888 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:58:17.0203 3888 Secdrv - ok
15:58:17.0265 3888 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:58:17.0265 3888 serenum - ok
15:58:17.0296 3888 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
15:58:17.0296 3888 Serial - ok
15:58:17.0359 3888 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:58:17.0359 3888 Sfloppy - ok
15:58:17.0421 3888 Simbad - ok
15:58:17.0484 3888 SISAGP (1630fbdbcb0cf3a60c02b6f140bab98b) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
15:58:17.0515 3888 SISAGP - ok
15:58:17.0546 3888 SISNIC (8204c49cde112f7b9c2f15707fe2cc5a) C:\WINDOWS\system32\DRIVERS\sisnic.sys
15:58:17.0546 3888 SISNIC - ok
15:58:17.0640 3888 SLEE_14_DRIVER (c6e1c173e703666e80e6bf138319b501) C:\WINDOWS\system32\drivers\Sleen14.sys
15:58:17.0703 3888 SLEE_14_DRIVER - ok
15:58:17.0750 3888 Sparrow - ok
15:58:17.0812 3888 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:58:17.0812 3888 splitter - ok
15:58:17.0859 3888 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
15:58:17.0859 3888 sr - ok
15:58:17.0906 3888 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:58:17.0921 3888 Srv - ok
15:58:17.0968 3888 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:58:17.0968 3888 swenum - ok
15:58:18.0031 3888 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:58:18.0031 3888 swmidi - ok
15:58:18.0078 3888 symc810 - ok
15:58:18.0109 3888 symc8xx - ok
15:58:18.0140 3888 sym_hi - ok
15:58:18.0171 3888 sym_u3 - ok
15:58:18.0250 3888 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:58:18.0250 3888 sysaudio - ok
15:58:18.0328 3888 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:58:18.0343 3888 Tcpip - ok
15:58:18.0375 3888 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:58:18.0390 3888 TDPIPE - ok
15:58:18.0421 3888 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:58:18.0421 3888 TDTCP - ok
15:58:18.0468 3888 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:58:18.0468 3888 TermDD - ok
15:58:18.0500 3888 TosIde - ok
15:58:18.0562 3888 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:58:18.0562 3888 Udfs - ok
15:58:18.0625 3888 ultra - ok
15:58:18.0703 3888 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:58:18.0718 3888 Update - ok
15:58:18.0781 3888 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:58:18.0781 3888 usbccgp - ok
15:58:18.0828 3888 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:58:18.0828 3888 usbehci - ok
15:58:18.0906 3888 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:58:18.0906 3888 usbhub - ok
15:58:18.0937 3888 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:58:18.0953 3888 usbohci - ok
15:58:19.0000 3888 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:58:19.0015 3888 usbprint - ok
15:58:19.0062 3888 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:58:19.0078 3888 usbscan - ok
15:58:19.0125 3888 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:58:19.0125 3888 USBSTOR - ok
15:58:19.0187 3888 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:58:19.0187 3888 VgaSave - ok
15:58:19.0234 3888 ViaIde - ok
15:58:19.0296 3888 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
15:58:19.0296 3888 VolSnap - ok
15:58:19.0359 3888 w32n5223 - ok
15:58:19.0406 3888 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:58:19.0406 3888 Wanarp - ok
15:58:19.0484 3888 wceusbsh (dc7f91b2ed24a738c807ea07f298928c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
15:58:19.0484 3888 wceusbsh - ok
15:58:19.0515 3888 WDICA - ok
15:58:19.0562 3888 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:58:19.0562 3888 wdmaud - ok
15:58:19.0750 3888 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:58:19.0781 3888 WudfPf - ok
15:58:19.0843 3888 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:58:19.0875 3888 WudfRd - ok
15:58:19.0937 3888 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:58:20.0031 3888 \Device\Harddisk0\DR0 - ok
15:58:20.0046 3888 Boot (0x1200) (f83ebcabe2236626d6e93a067488e559) \Device\Harddisk0\DR0\Partition0
15:58:20.0046 3888 \Device\Harddisk0\DR0\Partition0 - ok
15:58:20.0093 3888 Boot (0x1200) (82d7f2678b880d34a89283a34e59f989) \Device\Harddisk0\DR0\Partition1
15:58:20.0093 3888 \Device\Harddisk0\DR0\Partition1 - ok
15:58:20.0125 3888 Boot (0x1200) (db6435b8a74a3c88c3d211893509803a) \Device\Harddisk0\DR0\Partition2
15:58:20.0125 3888 \Device\Harddisk0\DR0\Partition2 - ok
15:58:20.0125 3888 ============================================================
15:58:20.0125 3888 Scan finished
15:58:20.0125 3888 ============================================================
15:58:20.0156 3664 Detected object count: 0
15:58:20.0156 3664 Actual detected object count: 0
15:58:25.0093 1768 ============================================================
15:58:25.0093 1768 Scan started
15:58:25.0093 1768 Mode: Manual;
15:58:25.0093 1768 ============================================================
15:58:25.0484 1768 Abiosdsk - ok
15:58:25.0515 1768 abp480n5 - ok
15:58:25.0578 1768 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:58:25.0593 1768 ACPI - ok
15:58:25.0656 1768 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:58:25.0656 1768 ACPIEC - ok
15:58:25.0687 1768 adpu160m - ok
15:58:25.0765 1768 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:58:25.0765 1768 aec - ok
15:58:25.0812 1768 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
15:58:25.0812 1768 AFD - ok
15:58:25.0843 1768 Aha154x - ok
15:58:25.0875 1768 aic78u2 - ok
15:58:25.0906 1768 aic78xx - ok
15:58:25.0984 1768 AliIde - ok
15:58:26.0046 1768 AmdK7 (3a0dafac778236559c14c7203fb550eb) C:\WINDOWS\system32\DRIVERS\amdk7.sys
15:58:26.0046 1768 AmdK7 - ok
15:58:26.0093 1768 amsint - ok
15:58:26.0156 1768 asc - ok
15:58:26.0187 1768 asc3350p - ok
15:58:26.0218 1768 asc3550 - ok
15:58:26.0296 1768 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:58:26.0296 1768 AsyncMac - ok
15:58:26.0375 1768 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:58:26.0375 1768 atapi - ok
15:58:26.0390 1768 Atdisk - ok
15:58:26.0453 1768 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:58:26.0453 1768 Atmarpc - ok
15:58:26.0500 1768 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:58:26.0500 1768 audstub - ok
15:58:26.0562 1768 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:58:26.0562 1768 Beep - ok
15:58:26.0625 1768 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:58:26.0625 1768 cbidf2k - ok
15:58:26.0671 1768 cd20xrnt - ok
15:58:26.0703 1768 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:58:26.0703 1768 Cdaudio - ok
15:58:26.0765 1768 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:58:26.0765 1768 Cdfs - ok
15:58:26.0812 1768 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:58:26.0828 1768 Cdrom - ok
15:58:26.0859 1768 Changer - ok
15:58:26.0921 1768 CmdIde - ok
15:58:27.0000 1768 cmuda (c9acb382326b55748b2fc38b8a6a0759) C:\WINDOWS\system32\drivers\cmuda.sys
15:58:27.0015 1768 cmuda - ok
15:58:27.0062 1768 Cpqarray - ok
15:58:27.0093 1768 dac2w2k - ok
15:58:27.0140 1768 dac960nt - ok
15:58:27.0187 1768 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:58:27.0187 1768 Disk - ok
15:58:27.0265 1768 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
15:58:27.0265 1768 dmboot - ok
15:58:27.0328 1768 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
15:58:27.0328 1768 dmio - ok
15:58:27.0375 1768 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:58:27.0390 1768 dmload - ok
15:58:27.0468 1768 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:58:27.0468 1768 DMusic - ok
15:58:27.0515 1768 dpti2o - ok
15:58:27.0593 1768 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:58:27.0593 1768 drmkaud - ok
15:58:27.0640 1768 DT154_A02 - ok
15:58:27.0718 1768 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:58:27.0718 1768 Fastfat - ok
15:58:27.0765 1768 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:58:27.0765 1768 Fdc - ok
15:58:27.0796 1768 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
15:58:27.0796 1768 Fips - ok
15:58:27.0843 1768 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:58:27.0859 1768 Flpydisk - ok
15:58:27.0906 1768 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:58:27.0906 1768 FltMgr - ok
15:58:27.0937 1768 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:58:27.0937 1768 Fs_Rec - ok
15:58:27.0968 1768 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:58:27.0984 1768 Ftdisk - ok
15:58:28.0031 1768 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
15:58:28.0031 1768 gagp30kx - ok
15:58:28.0093 1768 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
15:58:28.0093 1768 gameenum - ok
15:58:28.0125 1768 GEARAspiWDM - ok
15:58:28.0187 1768 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:58:28.0187 1768 Gpc - ok
15:58:28.0265 1768 hidgame (923ee4eef2582909a056904ca8026015) C:\WINDOWS\system32\DRIVERS\hidgame.sys
15:58:28.0265 1768 hidgame - ok
15:58:28.0312 1768 hpn - ok
15:58:28.0375 1768 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
15:58:28.0375 1768 HPZid412 - ok
15:58:28.0406 1768 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
15:58:28.0406 1768 HPZipr12 - ok
15:58:28.0484 1768 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
15:58:28.0484 1768 HPZius12 - ok
15:58:28.0531 1768 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:58:28.0546 1768 HTTP - ok
15:58:28.0578 1768 i2omgmt - ok
15:58:28.0625 1768 i2omp - ok
15:58:28.0703 1768 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:58:28.0703 1768 i8042prt - ok
15:58:28.0765 1768 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:58:28.0765 1768 Imapi - ok
15:58:28.0796 1768 ini910u - ok
15:58:28.0843 1768 IntelIde - ok
15:58:28.0906 1768 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:58:28.0906 1768 Ip6Fw - ok
15:58:28.0937 1768 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:58:28.0937 1768 IpFilterDriver - ok
15:58:28.0968 1768 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:58:28.0984 1768 IpInIp - ok
15:58:29.0031 1768 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:58:29.0031 1768 IpNat - ok
15:58:29.0109 1768 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:58:29.0109 1768 IPSec - ok
15:58:29.0156 1768 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:58:29.0156 1768 IRENUM - ok
15:58:29.0203 1768 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:58:29.0203 1768 isapnp - ok
15:58:29.0265 1768 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:58:29.0265 1768 Kbdclass - ok
15:58:29.0312 1768 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:58:29.0312 1768 kmixer - ok
15:58:29.0375 1768 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:58:29.0375 1768 KSecDD - ok
15:58:29.0421 1768 lbrtfdc - ok
15:58:29.0531 1768 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:58:29.0531 1768 mnmdd - ok
15:58:29.0578 1768 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
15:58:29.0578 1768 Modem - ok
15:58:29.0609 1768 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:58:29.0609 1768 Mouclass - ok
15:58:29.0656 1768 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:58:29.0656 1768 MountMgr - ok
15:58:29.0718 1768 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
15:58:29.0718 1768 MpFilter - ok
15:58:29.0828 1768 MpKslb64fdd7d (5f53edfead46fa7adb78eee9ecce8fdf) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D28B6866-7D4B-4535-92ED-855B702674B6}\MpKslb64fdd7d.sys
15:58:29.0828 1768 MpKslb64fdd7d - ok
15:58:29.0875 1768 mraid35x - ok
15:58:29.0921 1768 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:58:29.0921 1768 MRxDAV - ok
15:58:29.0984 1768 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:58:30.0000 1768 MRxSmb - ok
15:58:30.0031 1768 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:58:30.0031 1768 Msfs - ok
15:58:30.0093 1768 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:58:30.0093 1768 MSKSSRV - ok
15:58:30.0140 1768 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:58:30.0140 1768 MSPCLOCK - ok
15:58:30.0171 1768 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:58:30.0171 1768 MSPQM - ok
15:58:30.0218 1768 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:58:30.0218 1768 mssmbios - ok
15:58:30.0281 1768 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:58:30.0281 1768 Mup - ok
15:58:30.0343 1768 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:58:30.0359 1768 NDIS - ok
15:58:30.0406 1768 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:58:30.0406 1768 NdisTapi - ok
15:58:30.0453 1768 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:58:30.0453 1768 Ndisuio - ok
15:58:30.0500 1768 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:58:30.0500 1768 NdisWan - ok
15:58:30.0546 1768 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:58:30.0546 1768 NDProxy - ok
15:58:30.0578 1768 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:58:30.0578 1768 NetBIOS - ok
15:58:30.0625 1768 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:58:30.0625 1768 NetBT - ok
15:58:30.0703 1768 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:58:30.0703 1768 Npfs - ok
15:58:30.0781 1768 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:58:30.0781 1768 Ntfs - ok
15:58:30.0828 1768 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:58:30.0828 1768 Null - ok
15:58:31.0156 1768 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:58:31.0265 1768 nv - ok
15:58:31.0328 1768 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:58:31.0328 1768 NwlnkFlt - ok
15:58:31.0375 1768 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:58:31.0375 1768 NwlnkFwd - ok
15:58:31.0437 1768 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
15:58:31.0437 1768 Parport - ok
15:58:31.0468 1768 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:58:31.0468 1768 PartMgr - ok
15:58:31.0515 1768 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:58:31.0515 1768 ParVdm - ok
15:58:31.0546 1768 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
15:58:31.0546 1768 PCI - ok
15:58:31.0578 1768 PCIDump - ok
15:58:31.0640 1768 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:58:31.0640 1768 PCIIde - ok
15:58:31.0687 1768 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:58:31.0687 1768 Pcmcia - ok
15:58:31.0734 1768 PDCOMP - ok
15:58:31.0765 1768 PDFRAME - ok
15:58:31.0796 1768 PDRELI - ok
15:58:31.0828 1768 PDRFRAME - ok
15:58:31.0875 1768 perc2 - ok
15:58:31.0890 1768 perc2hib - ok
15:58:32.0000 1768 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:58:32.0000 1768 PptpMiniport - ok
15:58:32.0046 1768 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:58:32.0046 1768 PSched - ok
15:58:32.0093 1768 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:58:32.0093 1768 Ptilink - ok
15:58:32.0156 1768 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:58:32.0156 1768 PxHelp20 - ok
15:58:32.0187 1768 ql1080 - ok
15:58:32.0218 1768 Ql10wnt - ok
15:58:32.0250 1768 ql12160 - ok
15:58:32.0281 1768 ql1240 - ok
15:58:32.0328 1768 ql1280 - ok
15:58:32.0375 1768 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:58:32.0375 1768 RasAcd - ok
15:58:32.0437 1768 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:58:32.0437 1768 Rasl2tp - ok
15:58:32.0468 1768 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:58:32.0468 1768 RasPppoe - ok
15:58:32.0500 1768 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:58:32.0500 1768 Raspti - ok
15:58:32.0562 1768 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:58:32.0562 1768 Rdbss - ok
15:58:32.0593 1768 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:58:32.0593 1768 RDPCDD - ok
15:58:32.0687 1768 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
15:58:32.0687 1768 RDPWD - ok
15:58:32.0750 1768 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:58:32.0750 1768 redbook - ok
15:58:32.0890 1768 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:58:32.0890 1768 Secdrv - ok
15:58:32.0968 1768 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:58:32.0968 1768 serenum - ok
15:58:33.0000 1768 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
15:58:33.0000 1768 Serial - ok
15:58:33.0109 1768 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:58:33.0109 1768 Sfloppy - ok
15:58:33.0156 1768 Simbad - ok
15:58:33.0218 1768 SISAGP (1630fbdbcb0cf3a60c02b6f140bab98b) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
15:58:33.0218 1768 SISAGP - ok
15:58:33.0250 1768 SISNIC (8204c49cde112f7b9c2f15707fe2cc5a) C:\WINDOWS\system32\DRIVERS\sisnic.sys
15:58:33.0265 1768 SISNIC - ok
15:58:33.0312 1768 SLEE_14_DRIVER (c6e1c173e703666e80e6bf138319b501) C:\WINDOWS\system32\drivers\Sleen14.sys
15:58:33.0312 1768 SLEE_14_DRIVER - ok
15:58:33.0343 1768 Sparrow - ok
15:58:33.0406 1768 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:58:33.0406 1768 splitter - ok
15:58:33.0453 1768 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
15:58:33.0468 1768 sr - ok
15:58:33.0515 1768 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:58:33.0515 1768 Srv - ok
15:58:33.0562 1768 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:58:33.0562 1768 swenum - ok
15:58:33.0609 1768 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:58:33.0609 1768 swmidi - ok
15:58:33.0671 1768 symc810 - ok
15:58:33.0703 1768 symc8xx - ok
15:58:33.0718 1768 sym_hi - ok
15:58:33.0750 1768 sym_u3 - ok
15:58:33.0796 1768 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:58:33.0796 1768 sysaudio - ok
15:58:33.0890 1768 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:58:33.0890 1768 Tcpip - ok
15:58:33.0937 1768 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:58:33.0937 1768 TDPIPE - ok
15:58:33.0984 1768 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:58:33.0984 1768 TDTCP - ok
15:58:34.0031 1768 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:58:34.0031 1768 TermDD - ok
15:58:34.0093 1768 TosIde - ok
15:58:34.0156 1768 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:58:34.0171 1768 Udfs - ok
15:58:34.0203 1768 ultra - ok
15:58:34.0281 1768 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:58:34.0281 1768 Update - ok
15:58:34.0375 1768 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:58:34.0375 1768 usbccgp - ok
15:58:34.0406 1768 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:58:34.0406 1768 usbehci - ok
15:58:34.0484 1768 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:58:34.0484 1768 usbhub - ok
15:58:34.0500 1768 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:58:34.0515 1768 usbohci - ok
15:58:34.0562 1768 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:58:34.0578 1768 usbprint - ok
15:58:34.0625 1768 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:58:34.0625 1768 usbscan - ok
15:58:34.0687 1768 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:58:34.0687 1768 USBSTOR - ok
15:58:34.0750 1768 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:58:34.0750 1768 VgaSave - ok
15:58:34.0781 1768 ViaIde - ok
15:58:34.0828 1768 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
15:58:34.0828 1768 VolSnap - ok
15:58:34.0890 1768 w32n5223 - ok
15:58:34.0968 1768 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:58:34.0968 1768 Wanarp - ok
15:58:35.0046 1768 wceusbsh (dc7f91b2ed24a738c807ea07f298928c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
15:58:35.0046 1768 wceusbsh - ok
15:58:35.0093 1768 WDICA - ok
15:58:35.0156 1768 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:58:35.0156 1768 wdmaud - ok
15:58:35.0375 1768 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:58:35.0375 1768 WudfPf - ok
15:58:35.0421 1768 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:58:35.0437 1768 WudfRd - ok
15:58:35.0484 1768 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:58:35.0578 1768 \Device\Harddisk0\DR0 - ok
15:58:35.0593 1768 Boot (0x1200) (f83ebcabe2236626d6e93a067488e559) \Device\Harddisk0\DR0\Partition0
15:58:35.0593 1768 \Device\Harddisk0\DR0\Partition0 - ok
15:58:35.0625 1768 Boot (0x1200) (82d7f2678b880d34a89283a34e59f989) \Device\Harddisk0\DR0\Partition1
15:58:35.0625 1768 \Device\Harddisk0\DR0\Partition1 - ok
15:58:35.0656 1768 Boot (0x1200) (db6435b8a74a3c88c3d211893509803a) \Device\Harddisk0\DR0\Partition2
15:58:35.0656 1768 \Device\Harddisk0\DR0\Partition2 - ok
15:58:35.0656 1768 ============================================================
15:58:35.0656 1768 Scan finished
15:58:35.0656 1768 ============================================================
15:58:35.0687 1524 Detected object count: 0
15:58:35.0687 1524 Actual detected object count: 0
16:00:41.0875 1800 ============================================================
16:00:41.0875 1800 Scan started
16:00:41.0875 1800 Mode: Manual;
16:00:41.0875 1800 ============================================================
16:00:42.0281 1800 Abiosdsk - ok
16:00:42.0343 1800 abp480n5 - ok
16:00:42.0406 1800 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:00:42.0406 1800 ACPI - ok
16:00:42.0453 1800 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:00:42.0453 1800 ACPIEC - ok
16:00:42.0500 1800 adpu160m - ok
16:00:42.0562 1800 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:00:42.0562 1800 aec - ok
16:00:42.0625 1800 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
16:00:42.0625 1800 AFD - ok
16:00:42.0656 1800 Aha154x - ok
16:00:42.0687 1800 aic78u2 - ok
16:00:42.0718 1800 aic78xx - ok
16:00:42.0781 1800 AliIde - ok
16:00:42.0828 1800 AmdK7 (3a0dafac778236559c14c7203fb550eb) C:\WINDOWS\system32\DRIVERS\amdk7.sys
16:00:42.0843 1800 AmdK7 - ok
16:00:42.0859 1800 amsint - ok
16:00:42.0906 1800 asc - ok
16:00:42.0953 1800 asc3350p - ok
16:00:42.0984 1800 asc3550 - ok
16:00:43.0078 1800 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:00:43.0078 1800 AsyncMac - ok
16:00:43.0156 1800 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:00:43.0156 1800 atapi - ok
16:00:43.0171 1800 Atdisk - ok
16:00:43.0234 1800 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:00:43.0250 1800 Atmarpc - ok
16:00:43.0312 1800 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:00:43.0312 1800 audstub - ok
16:00:43.0375 1800 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:00:43.0375 1800 Beep - ok
16:00:43.0437 1800 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:00:43.0437 1800 cbidf2k - ok
16:00:43.0468 1800 cd20xrnt - ok
16:00:43.0515 1800 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:00:43.0515 1800 Cdaudio - ok
16:00:43.0562 1800 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:00:43.0562 1800 Cdfs - ok
16:00:43.0593 1800 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:00:43.0593 1800 Cdrom - ok
16:00:43.0625 1800 Changer - ok
16:00:43.0687 1800 CmdIde - ok
16:00:43.0781 1800 cmuda (c9acb382326b55748b2fc38b8a6a0759) C:\WINDOWS\system32\drivers\cmuda.sys
16:00:43.0781 1800 cmuda - ok
16:00:43.0843 1800 Cpqarray - ok
16:00:43.0875 1800 dac2w2k - ok
16:00:43.0921 1800 dac960nt - ok
16:00:43.0968 1800 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:00:43.0968 1800 Disk - ok
16:00:44.0062 1800 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
16:00:44.0062 1800 dmboot - ok
16:00:44.0109 1800 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
16:00:44.0109 1800 dmio - ok
16:00:44.0140 1800 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:00:44.0140 1800 dmload - ok
16:00:44.0203 1800 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:00:44.0203 1800 DMusic - ok
16:00:44.0250 1800 dpti2o - ok
16:00:44.0312 1800 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:00:44.0312 1800 drmkaud - ok
16:00:44.0343 1800 DT154_A02 - ok
16:00:44.0453 1800 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:00:44.0468 1800 Fastfat - ok
16:00:44.0546 1800 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:00:44.0546 1800 Fdc - ok
16:00:44.0578 1800 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
16:00:44.0578 1800 Fips - ok
16:00:44.0609 1800 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
16:00:44.0609 1800 Flpydisk - ok
16:00:44.0687 1800 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:00:44.0687 1800 FltMgr - ok
16:00:44.0750 1800 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:00:44.0750 1800 Fs_Rec - ok
16:00:44.0781 1800 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:00:44.0781 1800 Ftdisk - ok
16:00:44.0812 1800 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
16:00:44.0812 1800 gagp30kx - ok
16:00:44.0859 1800 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
16:00:44.0859 1800 gameenum - ok
16:00:44.0890 1800 GEARAspiWDM - ok
16:00:44.0937 1800 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:00:44.0937 1800 Gpc - ok
16:00:45.0046 1800 hidgame (923ee4eef2582909a056904ca8026015) C:\WINDOWS\system32\DRIVERS\hidgame.sys
16:00:45.0046 1800 hidgame - ok
16:00:45.0093 1800 hpn - ok
16:00:45.0156 1800 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
16:00:45.0156 1800 HPZid412 - ok
16:00:45.0187 1800 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
16:00:45.0187 1800 HPZipr12 - ok
16:00:45.0250 1800 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
16:00:45.0250 1800 HPZius12 - ok
16:00:45.0343 1800 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:00:45.0343 1800 HTTP - ok
16:00:45.0375 1800 i2omgmt - ok
16:00:45.0406 1800 i2omp - ok
16:00:45.0515 1800 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:00:45.0515 1800 i8042prt - ok
16:00:45.0562 1800 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:00:45.0562 1800 Imapi - ok
16:00:45.0625 1800 ini910u - ok
16:00:45.0656 1800 IntelIde - ok
16:00:45.0734 1800 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:00:45.0734 1800 Ip6Fw - ok
16:00:45.0781 1800 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:00:45.0781 1800 IpFilterDriver - ok
16:00:45.0828 1800 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:00:45.0828 1800 IpInIp - ok
16:00:45.0875 1800 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:00:45.0875 1800 IpNat - ok
16:00:45.0921 1800 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:00:45.0921 1800 IPSec - ok
16:00:45.0968 1800 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:00:45.0968 1800 IRENUM - ok
16:00:46.0031 1800 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:00:46.0031 1800 isapnp - ok
16:00:46.0125 1800 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:00:46.0125 1800 Kbdclass - ok
16:00:46.0187 1800 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:00:46.0187 1800 kmixer - ok
16:00:46.0234 1800 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:00:46.0234 1800 KSecDD - ok
16:00:46.0312 1800 lbrtfdc - ok
16:00:46.0437 1800 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:00:46.0437 1800 mnmdd - ok
16:00:46.0484 1800 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
16:00:46.0484 1800 Modem - ok
16:00:46.0515 1800 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:00:46.0531 1800 Mouclass - ok
16:00:46.0578 1800 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:00:46.0578 1800 MountMgr - ok
16:00:46.0640 1800 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
16:00:46.0640 1800 MpFilter - ok
16:00:46.0750 1800 MpKslb64fdd7d (5f53edfead46fa7adb78eee9ecce8fdf) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D28B6866-7D4B-4535-92ED-855B702674B6}\MpKslb64fdd7d.sys
16:00:46.0750 1800 MpKslb64fdd7d - ok
16:00:46.0781 1800 mraid35x - ok
16:00:46.0828 1800 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:00:46.0828 1800 MRxDAV - ok
16:00:46.0906 1800 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:00:46.0906 1800 MRxSmb - ok
16:00:46.0953 1800 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:00:46.0953 1800 Msfs - ok
16:00:47.0000 1800 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:00:47.0000 1800 MSKSSRV - ok
16:00:47.0062 1800 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:00:47.0062 1800 MSPCLOCK - ok
16:00:47.0125 1800 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:00:47.0125 1800 MSPQM - ok
16:00:47.0171 1800 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:00:47.0171 1800 mssmbios - ok
16:00:47.0234 1800 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:00:47.0234 1800 Mup - ok
16:00:47.0296 1800 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:00:47.0296 1800 NDIS - ok
16:00:47.0359 1800 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:00:47.0359 1800 NdisTapi - ok
16:00:47.0390 1800 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:00:47.0390 1800 Ndisuio - ok
16:00:47.0437 1800 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:00:47.0437 1800 NdisWan - ok
16:00:47.0484 1800 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:00:47.0484 1800 NDProxy - ok
16:00:47.0515 1800 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:00:47.0515 1800 NetBIOS - ok
16:00:47.0562 1800 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:00:47.0562 1800 NetBT - ok
16:00:47.0609 1800 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:00:47.0609 1800 Npfs - ok
16:00:47.0656 1800 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:00:47.0656 1800 Ntfs - ok
16:00:47.0718 1800 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:00:47.0718 1800 Null - ok
16:00:48.0062 1800 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:00:48.0203 1800 nv - ok
16:00:48.0250 1800 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:00:48.0250 1800 NwlnkFlt - ok
16:00:48.0281 1800 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:00:48.0281 1800 NwlnkFwd - ok
16:00:48.0343 1800 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
16:00:48.0343 1800 Parport - ok
16:00:48.0406 1800 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:00:48.0406 1800 PartMgr - ok
16:00:48.0437 1800 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
16:00:48.0437 1800 ParVdm - ok
16:00:48.0500 1800 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
16:00:48.0500 1800 PCI - ok
16:00:48.0531 1800 PCIDump - ok
16:00:48.0593 1800 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:00:48.0593 1800 PCIIde - ok
16:00:48.0656 1800 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:00:48.0656 1800 Pcmcia - ok
16:00:48.0671 1800 PDCOMP - ok
16:00:48.0703 1800 PDFRAME - ok
16:00:48.0734 1800 PDRELI - ok
16:00:48.0765 1800 PDRFRAME - ok
16:00:48.0796 1800 perc2 - ok
16:00:48.0843 1800 perc2hib - ok
16:00:48.0953 1800 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:00:48.0953 1800 PptpMiniport - ok
16:00:48.0984 1800 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:00:48.0984 1800 PSched - ok
16:00:49.0015 1800 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:00:49.0015 1800 Ptilink - ok
16:00:49.0156 1800 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:00:49.0156 1800 PxHelp20 - ok
16:00:49.0218 1800 ql1080 - ok
16:00:49.0265 1800 Ql10wnt - ok
16:00:49.0281 1800 ql12160 - ok
16:00:49.0296 1800 ql1240 - ok
16:00:49.0328 1800 ql1280 - ok
16:00:49.0375 1800 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:00:49.0375 1800 RasAcd - ok
16:00:49.0437 1800 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:00:49.0437 1800 Rasl2tp - ok
16:00:49.0468 1800 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:00:49.0468 1800 RasPppoe - ok
16:00:49.0500 1800 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:00:49.0500 1800 Raspti - ok
16:00:49.0562 1800 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:00:49.0562 1800 Rdbss - ok
16:00:49.0625 1800 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:00:49.0625 1800 RDPCDD - ok
16:00:49.0703 1800 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:00:49.0718 1800 RDPWD - ok
16:00:49.0796 1800 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:00:49.0796 1800 redbook - ok
16:00:49.0906 1800 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:00:49.0906 1800 Secdrv - ok
16:00:49.0953 1800 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:00:49.0953 1800 serenum - ok
16:00:50.0000 1800 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
16:00:50.0000 1800 Serial - ok
16:00:50.0062 1800 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:00:50.0062 1800 Sfloppy - ok
16:00:50.0125 1800 Simbad - ok
16:00:50.0187 1800 SISAGP (1630fbdbcb0cf3a60c02b6f140bab98b) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
16:00:50.0187 1800 SISAGP - ok
16:00:50.0234 1800 SISNIC (8204c49cde112f7b9c2f15707fe2cc5a) C:\WINDOWS\system32\DRIVERS\sisnic.sys
16:00:50.0234 1800 SISNIC - ok
16:00:50.0296 1800 SLEE_14_DRIVER (c6e1c173e703666e80e6bf138319b501) C:\WINDOWS\system32\drivers\Sleen14.sys
16:00:50.0296 1800 SLEE_14_DRIVER - ok
16:00:50.0343 1800 Sparrow - ok
16:00:50.0390 1800 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:00:50.0390 1800 splitter - ok
16:00:50.0437 1800 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
16:00:50.0437 1800 sr - ok
16:00:50.0515 1800 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:00:50.0531 1800 Srv - ok
16:00:50.0578 1800 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:00:50.0578 1800 swenum - ok
16:00:50.0609 1800 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:00:50.0609 1800 swmidi - ok
16:00:50.0656 1800 symc810 - ok
16:00:50.0734 1800 symc8xx - ok
16:00:50.0781 1800 sym_hi - ok
16:00:50.0812 1800 sym_u3 - ok
16:00:50.0859 1800 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:00:50.0859 1800 sysaudio - ok
16:00:50.0953 1800 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:00:50.0968 1800 Tcpip - ok
16:00:51.0015 1800 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:00:51.0015 1800 TDPIPE - ok
16:00:51.0078 1800 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:00:51.0078 1800 TDTCP - ok
16:00:51.0125 1800 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:00:51.0125 1800 TermDD - ok
16:00:51.0171 1800 TosIde - ok
16:00:51.0250 1800 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:00:51.0250 1800 Udfs - ok
16:00:51.0296 1800 ultra - ok
16:00:51.0421 1800 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:00:51.0421 1800 Update - ok
16:00:51.0531 1800 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:00:51.0562 1800 usbccgp - ok
16:00:51.0656 1800 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:00:51.0656 1800 usbehci - ok
16:00:51.0734 1800 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:00:51.0734 1800 usbhub - ok
16:00:51.0843 1800 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:00:51.0843 1800 usbohci - ok
16:00:51.0906 1800 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:00:51.0906 1800 usbprint - ok
16:00:51.0968 1800 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:00:51.0968 1800 usbscan - ok
16:00:52.0046 1800 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:00:52.0046 1800 USBSTOR - ok
16:00:52.0093 1800 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:00:52.0093 1800 VgaSave - ok
16:00:52.0125 1800 ViaIde - ok
16:00:52.0203 1800 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
16:00:52.0203 1800 VolSnap - ok
16:00:52.0265 1800 w32n5223 - ok
16:00:52.0390 1800 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:00:52.0390 1800 Wanarp - ok
16:00:52.0484 1800 wceusbsh (dc7f91b2ed24a738c807ea07f298928c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
16:00:52.0484 1800 wceusbsh - ok
16:00:52.0546 1800 WDICA - ok
16:00:52.0609 1800 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:00:52.0625 1800 wdmaud - ok
16:00:52.0890 1800 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:00:52.0890 1800 WudfPf - ok
16:00:52.0921 1800 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:00:52.0921 1800 WudfRd - ok
16:00:53.0015 1800 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
16:00:53.0140 1800 \Device\Harddisk0\DR0 - ok
16:00:53.0171 1800 Boot (0x1200) (f83ebcabe2236626d6e93a067488e559) \Device\Harddisk0\DR0\Partition0
16:00:53.0171 1800 \Device\Harddisk0\DR0\Partition0 - ok
16:00:53.0203 1800 Boot (0x1200) (82d7f2678b880d34a89283a34e59f989) \Device\Harddisk0\DR0\Partition1
16:00:53.0203 1800 \Device\Harddisk0\DR0\Partition1 - ok
16:00:53.0234 1800 Boot (0x1200) (db6435b8a74a3c88c3d211893509803a) \Device\Harddisk0\DR0\Partition2
16:00:53.0234 1800 \Device\Harddisk0\DR0\Partition2 - ok
16:00:53.0234 1800 ============================================================
16:00:53.0234 1800 Scan finished
16:00:53.0234 1800 ============================================================
16:00:53.0265 3384 Detected object count: 0
16:00:53.0265 3384 Actual detected object count: 0
16:00:56.0000 1128 ============================================================
16:00:56.0000 1128 Scan started
16:00:56.0000 1128 Mode: Manual;
16:00:56.0000 1128 ============================================================
16:00:57.0140 1128 Abiosdsk - ok
16:00:57.0171 1128 abp480n5 - ok
16:00:57.0250 1128 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:00:57.0265 1128 ACPI - ok
16:00:57.0609 1128 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:00:57.0609 1128 ACPIEC - ok
16:00:57.0671 1128 adpu160m - ok
16:00:57.0734 1128 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:00:57.0734 1128 aec - ok
16:00:57.0812 1128 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
16:00:57.0812 1128 AFD - ok
16:00:57.0828 1128 Aha154x - ok
16:00:57.0859 1128 aic78u2 - ok
16:00:57.0890 1128 aic78xx - ok
16:00:57.0953 1128 AliIde - ok
16:00:58.0015 1128 AmdK7 (3a0dafac778236559c14c7203fb550eb) C:\WINDOWS\system32\DRIVERS\amdk7.sys
16:00:58.0015 1128 AmdK7 - ok
16:00:58.0046 1128 amsint - ok
16:00:58.0109 1128 asc - ok
16:00:58.0140 1128 asc3350p - ok
16:00:58.0171 1128 asc3550 - ok
16:00:58.0250 1128 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:00:58.0250 1128 AsyncMac - ok
16:00:58.0312 1128 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:00:58.0312 1128 atapi - ok
16:00:58.0343 1128 Atdisk - ok
16:00:58.0390 1128 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:00:58.0406 1128 Atmarpc - ok
16:00:58.0468 1128 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:00:58.0468 1128 audstub - ok
16:00:58.0500 1128 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:00:58.0500 1128 Beep - ok
16:00:58.0562 1128 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:00:58.0562 1128 cbidf2k - ok
16:00:58.0625 1128 cd20xrnt - ok
16:00:58.0656 1128 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:00:58.0656 1128 Cdaudio - ok
16:00:58.0687 1128 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:00:58.0687 1128 Cdfs - ok
16:00:58.0734 1128 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:00:58.0734 1128 Cdrom - ok
16:00:58.0781 1128 Changer - ok
16:00:58.0843 1128 CmdIde - ok
16:00:58.0921 1128 cmuda (c9acb382326b55748b2fc38b8a6a0759) C:\WINDOWS\system32\drivers\cmuda.sys
16:00:58.0921 1128 cmuda - ok
16:00:58.0984 1128 Cpqarray - ok
16:00:59.0031 1128 dac2w2k - ok
16:00:59.0062 1128 dac960nt - ok
16:00:59.0125 1128 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:00:59.0125 1128 Disk - ok
16:00:59.0218 1128 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
16:00:59.0234 1128 dmboot - ok
16:00:59.0265 1128 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
16:00:59.0265 1128 dmio - ok
16:00:59.0281 1128 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:00:59.0296 1128 dmload - ok
16:00:59.0343 1128 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:00:59.0343 1128 DMusic - ok
16:00:59.0390 1128 dpti2o - ok
16:00:59.0437 1128 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:00:59.0437 1128 drmkaud - ok
16:00:59.0468 1128 DT154_A02 - ok
16:00:59.0562 1128 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:00:59.0562 1128 Fastfat - ok
16:00:59.0625 1128 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:00:59.0625 1128 Fdc - ok
16:00:59.0656 1128 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
16:00:59.0656 1128 Fips - ok
16:00:59.0703 1128 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
16:00:59.0703 1128 Flpydisk - ok
16:00:59.0781 1128 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:00:59.0781 1128 FltMgr - ok
16:00:59.0812 1128 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:00:59.0812 1128 Fs_Rec - ok
16:00:59.0875 1128 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:00:59.0875 1128 Ftdisk - ok
16:00:59.0906 1128 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
16:00:59.0906 1128 gagp30kx - ok
16:00:59.0953 1128 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
16:00:59.0953 1128 gameenum - ok
16:00:59.0984 1128 GEARAspiWDM - ok
16:01:00.0062 1128 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:01:00.0062 1128 Gpc - ok
16:01:00.0156 1128 hidgame (923ee4eef2582909a056904ca8026015) C:\WINDOWS\system32\DRIVERS\hidgame.sys
16:01:00.0156 1128 hidgame - ok
16:01:00.0203 1128 hpn - ok
16:01:00.0265 1128 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
16:01:00.0265 1128 HPZid412 - ok
16:01:00.0312 1128 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
16:01:00.0312 1128 HPZipr12 - ok
16:01:00.0390 1128 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
16:01:00.0390 1128 HPZius12 - ok
16:01:00.0468 1128 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:01:00.0468 1128 HTTP - ok
16:01:00.0500 1128 i2omgmt - ok
16:01:00.0531 1128 i2omp - ok
16:01:00.0578 1128 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:01:00.0578 1128 i8042prt - ok
16:01:00.0625 1128 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:01:00.0625 1128 Imapi - ok
16:01:00.0671 1128 ini910u - ok
16:01:00.0718 1128 IntelIde - ok
16:01:00.0781 1128 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:01:00.0781 1128 Ip6Fw - ok
16:01:00.0828 1128 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:01:00.0828 1128 IpFilterDriver - ok
16:01:00.0859 1128 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:01:00.0859 1128 IpInIp - ok
16:01:00.0906 1128 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:01:00.0906 1128 IpNat - ok
16:01:01.0000 1128 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:01:01.0000 1128 IPSec - ok
16:01:01.0046 1128 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:01:01.0046 1128 IRENUM - ok
16:01:01.0093 1128 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:01:01.0093 1128 isapnp - ok
16:01:01.0171 1128 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:01:01.0171 1128 Kbdclass - ok
16:01:01.0234 1128 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:01:01.0234 1128 kmixer - ok
16:01:01.0281 1128 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:01:01.0281 1128 KSecDD - ok
16:01:01.0312 1128 lbrtfdc - ok
16:01:01.0437 1128 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:01:01.0437 1128 mnmdd - ok
16:01:01.0500 1128 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
16:01:01.0500 1128 Modem - ok
16:01:01.0531 1128 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:01:01.0531 1128 Mouclass - ok
16:01:01.0562 1128 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:01:01.0562 1128 MountMgr - ok
16:01:01.0640 1128 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
16:01:01.0640 1128 MpFilter - ok
16:01:01.0718 1128 MpKslb64fdd7d (5f53edfead46fa7adb78eee9ecce8fdf) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D28B6866-7D4B-4535-92ED-855B702674B6}\MpKslb64fdd7d.sys
16:01:01.0718 1128 MpKslb64fdd7d - ok
16:01:01.0750 1128 mraid35x - ok
16:01:01.0796 1128 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:01:01.0812 1128 MRxDAV - ok
16:01:01.0859 1128 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:01:01.0859 1128 MRxSmb - ok
16:01:01.0921 1128 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:01:01.0921 1128 Msfs - ok
16:01:01.0984 1128 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:01:01.0984 1128 MSKSSRV - ok
16:01:02.0015 1128 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:01:02.0015 1128 MSPCLOCK - ok
16:01:02.0046 1128 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:01:02.0046 1128 MSPQM - ok
16:01:02.0109 1128 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:01:02.0109 1128 mssmbios - ok
16:01:02.0171 1128 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:01:02.0187 1128 Mup - ok
16:01:02.0234 1128 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:01:02.0234 1128 NDIS - ok
16:01:02.0296 1128 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:01:02.0312 1128 NdisTapi - ok
16:01:02.0375 1128 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:01:02.0375 1128 Ndisuio - ok
16:01:02.0406 1128 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:01:02.0406 1128 NdisWan - ok
16:01:02.0453 1128 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:01:02.0453 1128 NDProxy - ok
16:01:02.0515 1128 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:01:02.0515 1128 NetBIOS - ok
16:01:02.0562 1128 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:01:02.0562 1128 NetBT - ok
16:01:02.0640 1128 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:01:02.0656 1128 Npfs - ok
16:01:02.0703 1128 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:01:02.0703 1128 Ntfs - ok
16:01:02.0750 1128 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:01:02.0750 1128 Null - ok
16:01:03.0078 1128 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:01:03.0187 1128 nv - ok
16:01:03.0265 1128 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:01:03.0265 1128 NwlnkFlt - ok
16:01:03.0296 1128 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:01:03.0296 1128 NwlnkFwd - ok
16:01:03.0343 1128 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
16:01:03.0359 1128 Parport - ok
16:01:03.0390 1128 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:01:03.0390 1128 PartMgr - ok
16:01:03.0437 1128 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
16:01:03.0437 1128 ParVdm - ok
16:01:03.0484 1128 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
16:01:03.0484 1128 PCI - ok
16:01:03.0531 1128 PCIDump - ok
16:01:03.0578 1128 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:01:03.0593 1128 PCIIde - ok
16:01:03.0640 1128 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:01:03.0640 1128 Pcmcia - ok
16:01:03.0671 1128 PDCOMP - ok
16:01:03.0718 1128 PDFRAME - ok
16:01:03.0765 1128 PDRELI - ok
16:01:03.0796 1128 PDRFRAME - ok
16:01:03.0843 1128 perc2 - ok
16:01:03.0890 1128 perc2hib - ok
16:01:04.0000 1128 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:01:04.0000 1128 PptpMiniport - ok
16:01:04.0046 1128 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:01:04.0046 1128 PSched - ok
16:01:04.0078 1128 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:01:04.0078 1128 Ptilink - ok
16:01:04.0140 1128 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:01:04.0140 1128 PxHelp20 - ok
16:01:04.0171 1128 ql1080 - ok
16:01:04.0203 1128 Ql10wnt - ok
16:01:04.0250 1128 ql12160 - ok
16:01:04.0281 1128 ql1240 - ok
16:01:04.0312 1128 ql1280 - ok
16:01:04.0343 1128 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:01:04.0343 1128 RasAcd - ok
16:01:04.0421 1128 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:01:04.0421 1128 Rasl2tp - ok
16:01:04.0453 1128 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:01:04.0453 1128 RasPppoe - ok
16:01:04.0484 1128 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:01:04.0484 1128 Raspti - ok
16:01:04.0546 1128 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:01:04.0546 1128 Rdbss - ok
16:01:04.0578 1128 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:01:04.0578 1128 RDPCDD - ok
16:01:04.0656 1128 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:01:04.0656 1128 RDPWD - ok
16:01:04.0718 1128 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:01:04.0718 1128 redbook - ok
16:01:04.0828 1128 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:01:04.0828 1128 Secdrv - ok
16:01:04.0890 1128 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:01:04.0890 1128 serenum - ok
16:01:04.0921 1128 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
16:01:04.0921 1128 Serial - ok
16:01:04.0984 1128 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:01:04.0984 1128 Sfloppy - ok
16:01:05.0015 1128 Simbad - ok
16:01:05.0078 1128 SISAGP (1630fbdbcb0cf3a60c02b6f140bab98b) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
16:01:05.0078 1128 SISAGP - ok
16:01:05.0125 1128 SISNIC (8204c49cde112f7b9c2f15707fe2cc5a) C:\WINDOWS\system32\DRIVERS\sisnic.sys
16:01:05.0125 1128 SISNIC - ok
16:01:05.0171 1128 SLEE_14_DRIVER (c6e1c173e703666e80e6bf138319b501) C:\WINDOWS\system32\drivers\Sleen14.sys
16:01:05.0171 1128 SLEE_14_DRIVER - ok
16:01:05.0218 1128 Sparrow - ok
16:01:05.0265 1128 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:01:05.0265 1128 splitter - ok
16:01:05.0312 1128 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
16:01:05.0312 1128 sr - ok
16:01:05.0359 1128 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:01:05.0375 1128 Srv - ok
16:01:05.0437 1128 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:01:05.0437 1128 swenum - ok
16:01:05.0468 1128 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:01:05.0468 1128 swmidi - ok
16:01:05.0515 1128 symc810 - ok
16:01:05.0562 1128 symc8xx - ok
16:01:05.0593 1128 sym_hi - ok
16:01:05.0640 1128 sym_u3 - ok
16:01:05.0687 1128 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:01:05.0687 1128 sysaudio - ok
16:01:05.0781 1128 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:01:05.0781 1128 Tcpip - ok
16:01:05.0828 1128 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:01:05.0828 1128 TDPIPE - ok
16:01:05.0859 1128 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:01:05.0859 1128 TDTCP - ok
16:01:05.0890 1128 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:01:05.0890 1128 TermDD - ok
16:01:05.0937 1128 TosIde - ok
16:01:06.0015 1128 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:01:06.0015 1128 Udfs - ok
16:01:06.0062 1128 ultra - ok
16:01:06.0125 1128 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:01:06.0125 1128 Update - ok
16:01:06.0218 1128 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:01:06.0218 1128 usbccgp - ok
16:01:06.0265 1128 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:01:06.0265 1128 usbehci - ok
16:01:06.0312 1128 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:01:06.0312 1128 usbhub - ok
16:01:06.0359 1128 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:01:06.0359 1128 usbohci - ok
16:01:06.0406 1128 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:01:06.0406 1128 usbprint - ok
16:01:06.0484 1128 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:01:06.0484 1128 usbscan - ok
16:01:06.0546 1128 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:01:06.0546 1128 USBSTOR - ok
16:01:06.0609 1128 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:01:06.0609 1128 VgaSave - ok
16:01:06.0640 1128 ViaIde - ok
16:01:06.0687 1128 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
16:01:06.0687 1128 VolSnap - ok
16:01:06.0765 1128 w32n5223 - ok
16:01:06.0843 1128 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:01:06.0843 1128 Wanarp - ok
16:01:06.0906 1128 wceusbsh (dc7f91b2ed24a738c807ea07f298928c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
16:01:06.0921 1128 wceusbsh - ok
16:01:06.0953 1128 WDICA - ok
16:01:07.0000 1128 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:01:07.0000 1128 wdmaud - ok
16:01:07.0187 1128 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:01:07.0187 1128 WudfPf - ok
16:01:07.0218 1128 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:01:07.0218 1128 WudfRd - ok
16:01:07.0296 1128 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
16:01:07.0390 1128 \Device\Harddisk0\DR0 - ok
16:01:07.0406 1128 Boot (0x1200) (f83ebcabe2236626d6e93a067488e559) \Device\Harddisk0\DR0\Partition0
16:01:07.0406 1128 \Device\Harddisk0\DR0\Partition0 - ok
16:01:07.0437 1128 Boot (0x1200) (82d7f2678b880d34a89283a34e59f989) \Device\Harddisk0\DR0\Partition1
16:01:07.0437 1128 \Device\Harddisk0\DR0\Partition1 - ok
16:01:07.0468 1128 Boot (0x1200) (db6435b8a74a3c88c3d211893509803a) \Device\Harddisk0\DR0\Partition2
16:01:07.0468 1128 \Device\Harddisk0\DR0\Partition2 - ok
16:01:07.0468 1128 ============================================================
16:01:07.0468 1128 Scan finished
16:01:07.0468 1128 ============================================================
16:01:07.0500 3532 Detected object count: 0
16:01:07.0500 3532 Actual detected object count: 0

cosinus · 27.09.2011, 15:13

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Elfaron · 27.09.2011, 17:55

Hier das Log von ComboFix:

Combofix Logfile:

Code:

ATTFilter

ComboFix 11-09-27.01 - Jan 27.09.2011  18:47:00.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1023.634 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Jan\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Ines\WINDOWS
c:\dokumente und einstellungen\Jan\Desktop\Internet Explorer.lnk
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-08-27 bis 2011-09-27  ))))))))))))))))))))))))))))))
.
.
2011-09-27 16:34 . 2011-09-27 16:34	28752	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D28B6866-7D4B-4535-92ED-855B702674B6}\MpKsl9059308e.sys
2011-09-27 16:33 . 2011-09-27 16:33	56200	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D28B6866-7D4B-4535-92ED-855B702674B6}\offreg.dll
2011-09-27 12:55 . 2011-09-12 23:14	7269712	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D28B6866-7D4B-4535-92ED-855B702674B6}\mpengine.dll
2011-09-27 12:51 . 2011-09-27 12:51	--------	dc----w-	C:\_OTL
2011-09-26 14:48 . 2011-09-26 14:48	41272	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-22 17:08 . 2011-09-22 17:08	--------	d-----w-	c:\dokumente und einstellungen\Jürgen\Anwendungsdaten\Malwarebytes
2011-09-22 15:18 . 2011-09-22 15:18	--------	dc----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2011-09-22 15:18 . 2011-09-22 15:18	--------	dc----w-	C:\Malwarebytes' Anti-Malware
2011-09-22 15:18 . 2011-08-31 15:00	22216	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-09-19 12:57 . 2011-09-19 12:59	--------	dc-h--w-	c:\windows\ie8
2011-09-19 11:45 . 2011-09-12 23:14	7269712	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-19 11:36 . 2009-08-06 17:23	274288	----a-w-	c:\windows\system32\mucltui.dll
2011-09-19 11:36 . 2009-08-06 17:23	215920	----a-w-	c:\windows\system32\muweb.dll
2011-09-18 07:55 . 2011-09-18 07:56	--------	d-----w-	c:\programme\Microsoft Security Client
2011-09-17 17:34 . 2007-03-09 09:25	2321288	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-09-17 17:34 . 2011-08-16 06:48	7152464	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Windows Defender\Definition Updates\{A5CC787C-6952-4041-AD97-9D90CA5819DD}\mpengine.dll
2011-09-17 17:34 . 2010-10-19 20:51	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-09-17 17:33 . 2011-09-17 17:33	--------	d-----w-	c:\programme\Windows Defender
2011-09-17 16:56 . 2011-09-17 17:14	--------	dc----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton
2011-09-17 16:56 . 2011-09-17 16:56	--------	dc----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Symantec
2011-09-17 09:06 . 2011-06-24 14:10	139656	-c----w-	c:\windows\system32\dllcache\rdpwd.sys
2011-09-17 09:06 . 2011-07-08 14:02	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
2011-09-17 09:01 . 2011-09-17 09:01	--------	d-----w-	c:\windows\system32\wbem\Repository
2011-09-17 09:00 . 2011-09-27 16:42	--------	dc----w-	c:\dokumente und einstellungen\Jan
2011-09-09 09:11 . 2011-09-09 09:11	604160	-c----w-	c:\windows\system32\dllcache\crypt32.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-26 11:48 . 2011-05-22 08:18	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:11 . 2004-08-04 12:00	604160	----a-w-	c:\windows\system32\crypt32.dll
2011-09-09 09:11 . 2004-08-04 12:00	604160	----a-w-	c:\windows\system32\crypt32(2).dll
2011-09-03 10:17 . 2004-08-04 12:00	604160	----a-w-	c:\windows\system32\crypt32(3).dll
2011-07-15 13:29 . 2004-08-04 12:00	456320	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-04 12:00	10496	----a-w-	c:\windows\system32\drivers\ndistapi.sys
2011-07-05 16:37 . 2011-07-05 16:37	94208	----a-w-	c:\windows\system32\QuickTimeVR.qtx
2011-07-05 16:37 . 2011-07-05 16:37	69632	----a-w-	c:\windows\system32\QuickTime.qts
2011-09-03 06:18 . 2011-09-26 16:18	134104	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NeroNETTrayIcon"="c:\programme\Ahead\NeroNET\NNServiceCtrl.exe" [2003-02-18 212992]
"HTpatch"="c:\windows\htpatch.exe" [2002-10-30 28672]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"SAFEHOME HotKeys"="c:\programme\Steganos Safe Home\SteganosHotKeyService.exe" [2006-12-05 25088]
"SAFEHOME Agent"="c:\programme\Steganos Safe Home\SteganosAgent.exe" [2006-12-05 26112]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"MSC"="c:\programme\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Programme\\Microsoft ActiveSync\\wcescomm.exe"=
"c:\\Programme\\Microsoft ActiveSync\\WCESMgr.exe"=
"c:\\Programme\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
.
R1 MpKsl9059308e;MpKsl9059308e;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D28B6866-7D4B-4535-92ED-855B702674B6}\MpKsl9059308e.sys [27.09.2011 18:34 28752]
R1 SLEE_14_DRIVER;Steganos Live Encryption Engine 14 [Driver];c:\windows\system32\drivers\sleen14.sys [08.11.2006 15:19 72480]
R2 NeroNET;NeroNET;c:\programme\Ahead\NeroNET\NeroNET.exe -w --> c:\programme\Ahead\NeroNET\NeroNET.exe -w [?]
S2 gupdate1c99b4363144021;Google Update Service (gupdate1c99b4363144021);c:\programme\Google\Update\GoogleUpdate.exe [02.03.2009 16:30 133104]
S2 WinDefend;Windows Defender;c:\programme\Windows Defender\MsMpEng.exe [03.11.2006 19:19 13592]
S3 DT154_A02;T-Sinus 154data Driver;c:\windows\system32\DRIVERS\TS154USB.sys --> c:\windows\system32\DRIVERS\TS154USB.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [02.03.2009 16:30 133104]
S3 w32n5223;w32n5223 Protocol Driver;\??\c:\progra~1\T-COM\T-COMW~1\INSTAL~1\WINXP\w32n5223.SYS --> c:\progra~1\T-COM\T-COMW~1\INSTAL~1\WINXP\w32n5223.SYS [?]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSL9059308E
*NewlyCreated* - SISPORT
*Deregistered* - SiSPort
.
Inhalt des "geplante Tasks" Ordners
.
2011-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 10:34]
.
2011-09-27 c:\windows\Tasks\Google Software Updater.job
- c:\programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-06 13:01]
.
2011-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-03-02 14:30]
.
2011-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-03-02 14:30]
.
2011-09-27 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programme\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
2011-09-27 c:\windows\Tasks\MpIdleTask.job
- c:\programme\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
2011-09-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-18.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-09-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1004.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-09-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1009.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-09-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1010.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-09-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1011.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-09-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-18.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-09-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1004.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-07-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1009.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-09-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1010.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-09-17 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1011.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-09-27 c:\windows\Tasks\User_Feed_Synchronization-{CADBD029-0112-47AA-8330-1609ED782BE0}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.youtube.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\dokumente und einstellungen\Jan\Anwendungsdaten\Mozilla\Firefox\Profiles\zopzpd82.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-swg - c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
HKLM-Run-Device Detection - c:\programme\fotokasten comfort\dd.exe
HKLM-Run-QuickTime Task - c:\programme\QuickTime\QTTask.exe
HKLM-Run-iTunesHelper - c:\programme\iTunes\iTunesHelper.exe
HKLM-Run-SunJavaUpdateSched - c:\programme\Java\jre6\bin\jusched.exe
AddRemove-Adobe Acrobat 4.0 - c:\windows\ISUN0407.EXE
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0407.EXE
AddRemove-BVS_Lern_CD - c:\windows\unin0407.exe
AddRemove-Combat Flight Simulator 1.00 - c:\dokumente und einstellungen\Jan\Eigene Dateien\UNINSTAL.EXE
AddRemove-Fünf Freunde auf Schatzsuche - c:\windows\IsUn0407.exe
AddRemove-Google Updater - c:\programme\Google\Google Updater\GoogleUpdater.exe
AddRemove-NVIDIA nView Desktop Manager - c:\programme\NVIDIA Corporation\nView\nViewSetup.exe
AddRemove-The Print Shop Premier Edition 5.0 - c:\windows\unin0407.exe
AddRemove-Windows CE Services - c:\windows\ISUN0407.EXE
AddRemove-Yaht - c:\windows\unin0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-09-27 18:51
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  HTpatch = c:\windows\htpatch.exe?ows\CurrentVersion\Run???\???/??[???????[???[???????????????????[???[?G?????[$??????[????????????S??[????????m??[$??w????(???-??w???w????>??w???w???[????????d???b6?[%??[???[????"??[A??[???[.??wZ??[?3?[?3?[????st.I???????[????d???0=?[?K?[ 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-09-27  18:53:25
ComboFix-quarantined-files.txt  2011-09-27 16:53
.
Vor Suchlauf: 11 Verzeichnis(se), 122.887.184.384 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 123.230.453.760 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 1AAA64779CA7263FA6B8A1C5E3DA53FC

--- --- ---

cosinus · 27.09.2011, 19:05

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Elfaron · 01.10.2011, 06:15

So, hier einmal GMER:

GMER Logfile:

Code:

ATTFilter

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-09-30 20:38:32
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3320620A rev.3.AAE
Running: z3zlgy0o.exe; Driver: C:\DOKUME~1\Jan\LOKALE~1\Temp\ugtdapob.sys


---- Kernel code sections - GMER 1.0.15 ----

.text  C:\WINDOWS\system32\DRIVERS\nv4_mini.sys  section is writeable [0xF63333A0, 0x59FFE5, 0xE8000020]

---- EOF - GMER 1.0.15 ----

--- --- ---

Hier OSAM:

OSAM Logfile:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 07:01:34 on 01.10.2011

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Software Updater.job" - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"MpIdleTask.job" - "Microsoft Corporation" - c:\Programme\Microsoft Security Client\Antimalware\MpCmdRun.exe
"RealUpgradeLogonTaskS-1-5-18.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1004.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1009.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1010.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeLogonTaskS-1-5-21-1993962763-1965331169-725345543-1011.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-18.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1004.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1009.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1010.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-1993962763-1965331169-725345543-1011.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"MP Scheduled Scan.job" - "Microsoft Corporation" - c:\Programme\Microsoft Security Client\Antimalware\MpCmdRun.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"ImageDrive.cpl" - "Ahead Software AG" - C:\WINDOWS\system32\ImageDrive.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"mbllnk.cpl" - "AvantGo, Inc." - C:\WINDOWS\system32\mbllnk.cpl
"SERVICE.CPL" - "Davilex Software bv" - C:\WINDOWS\system32\SERVICE.CPL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - ? - C:\Programme\QuickTime\QTSystem\QuickTime.cpl  (File not found)

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\DOKUME~1\Jan\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"GEAR ASPI Filter Driver" (GEARAspiWDM) - ? - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys  (File not found)
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"MpKslc71113eb" (MpKslc71113eb) - "Microsoft Corporation" - c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{93DCBC44-95FB-4DDF-A35A-FE4E63624D78}\MpKslc71113eb.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"SiS AGP Filter" (SISAGP) - "Silicon Integrated Systems Corporation" - C:\WINDOWS\System32\DRIVERS\SISAGPX.sys
"Steganos Live Encryption Engine 14 [Driver]" (SLEE_14_DRIVER) - "Softwareentwicklung Remus - ArchiCrypt " - C:\WINDOWS\system32\drivers\Sleen14.sys
"T-Sinus 154data Driver" (DT154_A02) - ? - C:\WINDOWS\System32\DRIVERS\TS154USB.sys  (File not found)
"w32n5223 Protocol Driver" (w32n5223) - ? - C:\PROGRA~1\T-COM\T-COMW~1\INSTAL~1\WINXP\w32n5223.SYS  (File not found)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{d7b95390-b1c5-11d0-b111-0080c712fe82} "mctp: Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Programme\Microsoft ActiveSync\aatp.dll
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -   (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{09A47860-11B0-4DA5-AFA5-26D86198A780} "EPP" - "Microsoft Corporation" - c:\PROGRA~1\MI239C~1\shellext.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - ? - C:\Programme\iTunes\iTunesMiniPlayer.dll  (File not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} "Microsoft Browser Architecture" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{FAE0A3E0-3010-41BA-9DDC-A631394F047F} "SteganosShellExtension" - ? - C:\Programme\Steganos Safe Home\ShellExtension.dll  (File found, but it contains no detailed information)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\Programme\Microsoft ActiveSync\inetrepl.dll
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "Mobilen Favoriten erstellen" - "Microsoft Corporation" - C:\Programme\Microsoft ActiveSync\inetrepl.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Development Company, L.P." - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
"Microsoft Office.lnk" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OSA.EXE  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Jan\Startmenü\Programme\Autostart\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Software Update" - "Hewlett-Packard" - C:\Programme\HP\HP Software Update\HPWuSchd2.exe
"HTpatch" - ? - C:\WINDOWS\htpatch.exe  (File found, but it contains no detailed information)
"MSC" - "Microsoft Corporation" - "c:\Programme\Microsoft Security Client\msseces.exe" -hide -runkey
"NeroCheck" - "Ahead Software Gmbh" - C:\WINDOWS\system32\NeroCheck.exe
"NeroNETTrayIcon" - "Ahead Software AG" - C:\Programme\Ahead\NeroNET\NNServiceCtrl.exe
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"SAFEHOME Agent" - ? - C:\Programme\Steganos Safe Home\SteganosAgent.exe
"SAFEHOME HotKeys" - ? - C:\Programme\Steganos Safe Home\SteganosHotKeyService.exe
"SiSUSBRG" - "Silicon Integrated Systems Corp." - C:\WINDOWS\SiSUSBrg.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"HP Standard TCP/IP Port" - "Hewlett Packard" - C:\WINDOWS\system32\HpTcpMon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Bonjour-Dienst" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"getPlus(R) Helper" (getPlus(R) Helper) - "NOS Microsystems Ltd." - C:\Programme\NOS\bin\getPlus_HelperSvc.exe
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate1c99b4363144021)" (gupdate1c99b4363144021) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"iPod-Dienst" (iPod Service) - ? - C:\Programme\iPod\bin\iPodService.exe  (File not found)
"Java Quick Starter" (JavaQuickStarterService) - ? - "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf"  (File not found)
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
"NeroNET" (NeroNET) - "Ahead Software AG" - C:\Programme\Ahead\NeroNET\NeroNET.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"Pml Driver HPZ12" (Pml Driver HPZ12) - "HP" - C:\WINDOWS\system32\HPZipm12.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Und hier aswMBR:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-01 07:02:24
-----------------------------
07:02:24.375 OS Version: Windows 5.1.2600 Service Pack 3
07:02:24.375 Number of processors: 1 586 0xA00
07:02:24.375 ComputerName: PRIVAT1 UserName: Jan
07:02:25.109 Initialize success
07:04:49.890 AVAST engine defs: 11093001
07:07:03.156 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
07:07:03.156 Disk 0 Vendor: ST3320620A 3.AAE Size: 305245MB BusType: 3
07:07:05.218 Disk 0 MBR read successfully
07:07:05.218 Disk 0 MBR scan
07:07:05.250 Disk 0 Windows XP default MBR code
07:07:05.265 Disk 0 scanning sectors +625121280
07:07:05.328 Disk 0 scanning C:\WINDOWS\system32\drivers
07:07:13.218 Service scanning
07:07:13.484 Service MpKslc71113eb c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{93DCBC44-95FB-4DDF-A35A-FE4E63624D78}\MpKslc71113eb.sys **LOCKED** 32
07:07:14.093 Modules scanning
07:07:17.625 Disk 0 trace - called modules:
07:07:17.640 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
07:07:17.640 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86758ab8]
07:07:17.984 3 CLASSPNP.SYS[f786ffd7] -> nt!IofCallDriver -> \Device\00000050[0x867cbf18]
07:07:17.984 5 ACPI.sys[f77e5620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8675ad98]
07:07:18.562 AVAST engine scan C:\WINDOWS
07:07:37.453 AVAST engine scan C:\WINDOWS\system32
07:09:46.750 AVAST engine scan C:\WINDOWS\system32\drivers
07:10:03.734 AVAST engine scan C:\Dokumente und Einstellungen\Jan
07:12:12.390 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Jan\Desktop\MBR.dat"
07:12:12.390 The log file has been saved successfully to "C:\Dokumente und Einstellungen\Jan\Desktop\aswMBR.txt"

26.09.2011, 10:15	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Google-Webseite von Virus blockiert? Dann versuch es mit dem Firefox __________________ Logfiles bitte immer in CODE-Tags posten

Google-Webseite von Virus blockiert?

Plagegeister aller Art und deren Bekämpfung: Google-Webseite von Virus blockiert?