PC arbeitet nicht mehr ordnungsgemäß-Fehlermeldungen server.exe, metinmetinmetin.exe bei PC Start

cosinus · 21.04.2012, 16:58

Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:

Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.

Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
Lege eine leere CD in Deinen Brenner.
ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
Du kannst nun die Fenster des Brennprogramms schließen.

Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD

Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
Mache einen Doppelklick auf das OTLPE Icon.
Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
OTLpe sollte nun starten.
Drücke Run Scan, um den Scan zu starten.
Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt.

frusciante · 25.04.2012, 20:54

Ok danke. Ich kann das erst am Wochenende machen, da ich momentan keinen andern PC zur Verfügung habe.

frusciante · 29.04.2012, 12:21

Code:

ATTFilter

OTL Extras logfile created on: 4/29/2012 2:17:16 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
767.00 Mb Total Physical Memory | 524.00 Mb Available Physical Memory | 68.00% Memory free
707.00 Mb Paging File | 539.00 Mb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74.52 Gb Total Space | 53.51 Gb Free Space | 71.80% Space Free | Partition Type: NTFS
Drive D: | 57.26 Gb Total Space | 2.32 Gb Free Space | 4.05% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.6\ICQ.exe" = C:\Programme\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.6\ICQ.exe" = C:\Programme\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
"C:\Programme\Winamp\winamp.exe" = C:\Programme\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Programme\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe" = C:\Programme\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe:*:Enabled:Camfrog Video Chat -- (Camshare Inc.)
"C:\Programme\Logitech\Logitech Vid\Vid.exe" = C:\Programme\Logitech\Logitech Vid\Vid.exe:*:Enabled:Logitech Vid -- (Logitech Inc.)
"C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{B825B224-6F84-4E51-90C8-B335FED422B8}" = Facebook Password Extractor
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 1.2.6
"Camfrog 6.1" = Camfrog Video Chat 6.1
"CCleaner" = CCleaner
"energyXT2_is1" = energyXT2.07
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Foxit Reader_is1" = Foxit Reader 5.1
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full)
"LastFM_is1" = Last.fm 1.5.4.27091
"lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"MiniLyrics" = Minilyrics
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Native Instruments AC Box Combo" = Native Instruments AC Box Combo
"Native Instruments Service Center" = Native Instruments Service Center
"PCI Audio Driver" = PCI Audio Driver
"Picasa 3" = Picasa 3
"PokerStars" = PokerStars
"StartSearch Toolbar" = StartSearch Toolbar 1.3
"Update Engine" = Sony Ericsson Update Engine
"USB_AUDIO_DEusb-audio.de" = usb-audio.de USB ASIO driver
"USB_AUDIO_DEusb-audio.deBehringer2902" = BEHRINGER USB AUDIO DRIVER
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
< End of report >

Code:

ATTFilter

OTL logfile created on: 4/29/2012 2:17:16 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
767.00 Mb Total Physical Memory | 524.00 Mb Available Physical Memory | 68.00% Memory free
707.00 Mb Paging File | 539.00 Mb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74.52 Gb Total Space | 53.51 Gb Free Space | 71.80% Space Free | Partition Type: NTFS
Drive D: | 57.26 Gb Total Space | 2.32 Gb Free Space | 4.05% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - [2012/01/18 08:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2009/11/18 12:09:00 | 000,057,768 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Programme\Kabel Deutschland\Sicherheitspaket\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2009/11/18 12:08:32 | 000,188,840 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Programme\Kabel Deutschland\Sicherheitspaket\Common\FSMA32.EXE -- (FSMA)
SRV - [2009/11/18 12:07:30 | 000,524,712 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Programme\Kabel Deutschland\Sicherheitspaket\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009/10/06 20:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2012/04/21 08:38:07 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/03/21 15:37:17 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012/03/21 15:37:17 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/08/13 13:06:14 | 000,403,008 | R--- | M] (usb-audio.de) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pgusbwdm.sys -- (pgusbwdm) usb-audio.de driver  (commercial 2.8.45)
DRV - [2010/08/13 13:06:14 | 000,039,488 | R--- | M] (usb-audio.de) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pgusbmm3.sys -- (pgusbmme)
DRV - [2009/11/18 12:07:30 | 000,081,864 | ---- | M] (F-Secure Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009/10/06 20:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/05/25 08:35:00 | 000,116,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1029unic.sys -- (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM)
DRV - [2009/05/25 08:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009/05/25 08:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1029bus.sys -- (s1029bus) Sony Ericsson Device 1029 driver (WDM)
DRV - [2009/05/25 08:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009/05/25 08:34:54 | 000,115,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1029mgmt.sys -- (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM)
DRV - [2009/05/25 08:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009/05/25 08:34:54 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1029nd5.sys -- (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS)
DRV - [2009/04/30 19:01:34 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/04/30 18:55:56 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009/04/30 18:55:32 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2007/11/06 11:40:18 | 000,340,480 | R--- | M] (BEHRINGER) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BUSB2902.sys -- (BEHRINGER_2902)
DRV - [2004/08/04 08:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004/08/03 17:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2001/12/10 10:25:22 | 000,357,070 | ---- | M] (C-Media Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001/08/17 09:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://startsear.ch/?aff=3
 
 
 
 
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Programme\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Programme\Kabel Deutschland\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2012/04/19 12:23:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/04/19 12:44:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/03/13 08:56:42 | 000,000,000 | ---D | M]
 
[2012/04/19 12:44:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/03/13 00:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011/12/12 17:53:11 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/26 14:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
[2006/09/26 08:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012/03/13 01:23:34 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/03/13 01:06:36 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/03/13 01:23:34 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/03/13 01:23:34 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/03/13 01:23:34 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/03/13 01:23:34 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Programme\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Programme\Kabel Deutschland\Sicherheitspaket\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Programme\Kabel Deutschland\Sicherheitspaket\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [F-Secure Manager] C:\Programme\Kabel Deutschland\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [HKLM] C:\WINDOWS\system32\install\server.exe ()
O4 - HKLM..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\install\server.exe ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.225 83.169.184.161
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/10 19:49:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/04/19 15:31:37 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012/04/19 14:23:33 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/04/19 14:23:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012/04/19 14:23:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012/04/19 14:23:20 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/04/19 14:23:20 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012/04/19 13:03:03 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos
[2012/04/19 12:24:15 | 000,081,864 | ---- | C] (F-Secure Corporation) -- C:\WINDOWS\System32\drivers\fsdfw.sys
[2012/04/19 12:22:46 | 000,000,000 | ---D | C] -- C:\Programme\Kabel Deutschland
[2012/04/19 12:21:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fssg
[2012/04/18 13:40:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\f-secure
[2012/04/17 14:04:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\svchost
[2012/04/17 14:02:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2012/04/17 14:02:54 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2012/04/17 13:50:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elcomsoft Password Recovery
[2012/03/31 13:25:48 | 000,712,704 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/03/31 13:25:48 | 000,712,704 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\a3d.dll
[2012/03/31 13:25:47 | 000,140,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2012/03/31 13:25:47 | 000,140,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ks.sys
[2012/03/31 13:25:46 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2012/03/31 13:25:46 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2012/03/31 13:25:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.drv
[2012/03/31 13:25:44 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2012/03/31 13:25:44 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2012/03/31 13:25:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2012/03/31 13:25:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2012/03/31 13:25:42 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2012/03/31 13:25:42 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2012/03/31 13:25:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2012/03/31 13:25:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stream.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/04/28 15:49:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/27 19:23:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/04/26 14:32:29 | 000,000,025 | ---- | M] () -- C:\WINDOWS\mixerdef.ini
[2012/04/26 02:49:05 | 000,000,199 | ---- | M] () -- C:\WINDOWS\CMISETUP.INI
[2012/04/26 02:49:03 | 000,000,026 | ---- | M] () -- C:\WINDOWS\CMCDPLAY.INI
[2012/04/22 11:01:59 | 000,297,472 | ---- | M] () -- C:\WINDOWS\System32\metinmetinmetin.exe
[2012/04/21 12:02:07 | 000,000,101 | ---- | M] () -- C:\WINDOWS\CMMIXER.INI
[2012/04/21 08:42:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/04/21 08:38:07 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/04/19 14:28:22 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/04/19 14:28:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012/04/19 12:44:08 | 000,000,702 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012/04/19 12:44:08 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012/04/17 14:02:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2012/04/15 07:49:37 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/11 14:20:15 | 000,001,703 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Sony PC Companion 2.1.lnk
[2012/04/11 14:20:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Sony
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/04/21 12:02:01 | 000,000,101 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI
[2012/04/19 14:23:23 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/04/19 12:44:08 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012/04/19 12:44:08 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012/04/18 22:45:00 | 000,297,472 | ---- | C] () -- C:\WINDOWS\System32\metinmetinmetin.exe
[2012/03/31 13:25:32 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2012/02/08 12:54:03 | 000,080,896 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01.exe
[2011/11/12 11:02:54 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/11/07 13:57:46 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/11/05 03:49:26 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011/11/02 12:40:05 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2011/11/02 11:42:57 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/02 11:34:13 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2011/11/02 11:32:18 | 000,000,199 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2011/11/02 11:32:17 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2011/06/10 20:24:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/06/10 20:23:18 | 000,117,360 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/10 19:52:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/06/10 19:45:57 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/10/06 20:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/06 20:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2005/03/29 18:02:01 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/29 18:02:01 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,405,928 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004/08/04 08:00:00 | 000,393,044 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,071,056 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004/08/04 08:00:00 | 000,059,048 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/11/19 09:46:20 | 000,036,924 | ---- | C] () -- C:\WINDOWS\cmijack.dat
[2002/11/19 09:43:38 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.dat
[2002/07/11 06:13:26 | 000,122,880 | ---- | C] () -- C:\WINDOWS\cmuninst.dat
[2002/07/11 05:24:50 | 000,122,880 | ---- | C] () -- C:\WINDOWS\cmuninst.exe
 
========== LOP Check ==========
 
[2011/11/16 09:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2011/08/22 09:45:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2012/02/08 13:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012/01/19 14:29:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012/04/17 13:50:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elcomsoft Password Recovery
[2012/04/18 13:40:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\f-secure
[2012/04/19 12:21:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fssg
[2011/11/03 12:59:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011/11/02 11:54:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Last.fm
[2012/03/21 15:32:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony
[2012/01/09 15:06:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012/01/21 13:23:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2012/01/09 14:45:25 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
 
========== Purity Check ==========
 
 
< End of report >

cosinus · 30.04.2012, 12:19

Mach einen OTL-Fix über OTLPE, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=3
O4 - HKLM..\Run: [HKLM] C:\WINDOWS\system32\install\server.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\install\server.exe ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/10 19:49:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
:Files
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
C:\WINDOWS\system32\install
C:\WINDOWS\system32\svchost
C:\Dokumente und Einstellungen\caro\Lokale Einstellungen\Anwendungsdaten\Babylon
:Commands
[purity]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Danach sollte Windows wieder normal starten - stell uns bitte den Quarantäneordner von OTL zur Verfügung. Dabei bitte so vorgehen:

1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinträchtigen!
2.) Ordner movedfiles in C:\_OTL in eine Datei zippen
3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html
4.) Wenns erfolgreich war Bescheid sagen
5.) Erst dann wieder den Virenscanner einschalten

frusciante · 05.05.2012, 18:41

Code:

ATTFilter

 
========== OTL ==========
HKLM\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM deleted successfully.
C:\WINDOWS\system32\install\server.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
C:\Programme\Winamp\winampa.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies deleted successfully.
File C:\WINDOWS\system32\install\server.exe not found.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
========== FILES ==========
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon folder moved successfully.
C:\WINDOWS\system32\install folder moved successfully.
C:\WINDOWS\system32\svchost folder moved successfully.
C:\Dokumente und Einstellungen\caro\Lokale Einstellungen\Anwendungsdaten\Babylon\Setup\Override folder moved successfully.
C:\Dokumente und Einstellungen\caro\Lokale Einstellungen\Anwendungsdaten\Babylon\Setup\HtmlScreens folder moved successfully.
C:\Dokumente und Einstellungen\caro\Lokale Einstellungen\Anwendungsdaten\Babylon\Setup folder moved successfully.
C:\Dokumente und Einstellungen\caro\Lokale Einstellungen\Anwendungsdaten\Babylon folder moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 05052012_203821

Ok habe die movedfiles datei hochgeladen. Der PC startet auch wieder normal und die Fehlermeldungen erscheinen nicht mehr.

cosinus · 06.05.2012, 18:30

Zitat:

Ok habe die movedfiles datei hochgeladen.

Ich seh da aber nichts von dir
Lad es nochmal hoch. Wenn die ZIP zu groß ist, lad es hier hoch => http://file-upload.net und verlink das hier

frusciante · 07.05.2012, 06:12

www.file-upload.net/download-4334458/MovedFiles.7z.html

cosinus · 07.05.2012, 10:02

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten, Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

frusciante · 07.05.2012, 14:40

Code:

ATTFilter

15:35:47.0078 2772	TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
15:35:47.0171 2772	============================================================
15:35:47.0171 2772	Current date / time: 2012/05/07 15:35:47.0171
15:35:47.0171 2772	SystemInfo:
15:35:47.0171 2772	
15:35:47.0171 2772	OS Version: 5.1.2600 ServicePack: 2.0
15:35:47.0171 2772	Product type: Workstation
15:35:47.0171 2772	ComputerName: FREUDENHAUS
15:35:47.0171 2772	UserName: caro
15:35:47.0171 2772	Windows directory: C:\WINDOWS
15:35:47.0171 2772	System windows directory: C:\WINDOWS
15:35:47.0171 2772	Processor architecture: Intel x86
15:35:47.0171 2772	Number of processors: 1
15:35:47.0171 2772	Page size: 0x1000
15:35:47.0171 2772	Boot type: Normal boot
15:35:47.0171 2772	============================================================
15:35:50.0234 2772	Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:35:50.0250 2772	Drive \Device\Harddisk1\DR1 - Size: 0xE51424000 (57.27 Gb), SectorSize: 0x200, Cylinders: 0x1D34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:35:50.0250 2772	============================================================
15:35:50.0250 2772	\Device\Harddisk0\DR0:
15:35:50.0250 2772	MBR partitions:
15:35:50.0250 2772	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
15:35:50.0250 2772	\Device\Harddisk1\DR1:
15:35:50.0250 2772	MBR partitions:
15:35:50.0250 2772	\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7285D34
15:35:50.0250 2772	============================================================
15:35:50.0281 2772	C: <-> \Device\Harddisk0\DR0\Partition0
15:35:50.0343 2772	D: <-> \Device\Harddisk1\DR1\Partition0
15:35:50.0375 2772	============================================================
15:35:50.0375 2772	Initialize success
15:35:50.0375 2772	============================================================
15:36:20.0187 2576	============================================================
15:36:20.0187 2576	Scan started
15:36:20.0187 2576	Mode: Manual; SigCheck; TDLFS; 
15:36:20.0187 2576	============================================================
15:36:20.0921 2576	Abiosdsk - ok
15:36:20.0968 2576	abp480n5 - ok
15:36:21.0125 2576	ACPI            (94b4741d2cf9ed38140b831293d1601a) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:36:21.0687 2576	ACPI - ok
15:36:21.0765 2576	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:36:22.0015 2576	ACPIEC - ok
15:36:22.0031 2576	adpu160m - ok
15:36:22.0171 2576	aec             (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
15:36:22.0453 2576	aec - ok
15:36:22.0546 2576	AFD             (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
15:36:22.0640 2576	AFD - ok
15:36:22.0734 2576	agp440          (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
15:36:22.0968 2576	agp440 - ok
15:36:22.0984 2576	Aha154x - ok
15:36:23.0015 2576	aic78u2 - ok
15:36:23.0062 2576	aic78xx - ok
15:36:23.0125 2576	Alerter         (1aab6c5f8376357cb9b16c38c42c4076) C:\WINDOWS\system32\alrsvc.dll
15:36:23.0375 2576	Alerter - ok
15:36:23.0421 2576	ALG             (6596dd260ffde1bdc994c1df236307bb) C:\WINDOWS\System32\alg.exe
15:36:23.0718 2576	ALG - ok
15:36:23.0734 2576	AliIde - ok
15:36:23.0734 2576	amsint - ok
15:36:23.0750 2576	AppMgmt - ok
15:36:23.0812 2576	Arp1394         (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:36:24.0062 2576	Arp1394 - ok
15:36:24.0062 2576	asc - ok
15:36:24.0078 2576	asc3350p - ok
15:36:24.0093 2576	asc3550 - ok
15:36:24.0125 2576	AsyncMac        (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:36:24.0343 2576	AsyncMac - ok
15:36:24.0421 2576	atapi           (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:36:24.0656 2576	atapi - ok
15:36:24.0656 2576	Atdisk - ok
15:36:24.0734 2576	Atmarpc         (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:36:24.0984 2576	Atmarpc - ok
15:36:25.0031 2576	AudioSrv        (e98b8250398f6637b335a76ba8dfb602) C:\WINDOWS\System32\audiosrv.dll
15:36:25.0296 2576	AudioSrv - ok
15:36:25.0343 2576	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:36:25.0562 2576	audstub - ok
15:36:25.0609 2576	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:36:25.0859 2576	Beep - ok
15:36:26.0031 2576	BEHRINGER_2902  (4ee79dc79d821500d5174047a9af708c) C:\WINDOWS\system32\Drivers\BUSB2902.sys
15:36:26.0218 2576	BEHRINGER_2902 ( UnsignedFile.Multi.Generic ) - warning
15:36:26.0218 2576	BEHRINGER_2902 - detected UnsignedFile.Multi.Generic (1)
15:36:26.0390 2576	BITS            (3a5e54a9ab96ef2d273b58136fb58efe) C:\WINDOWS\system32\qmgr.dll
15:36:26.0828 2576	BITS - ok
15:36:26.0906 2576	Browser         (d8653dcd80cf2ebb333fc4fcc43a7def) C:\WINDOWS\System32\browser.dll
15:36:27.0140 2576	Browser - ok
15:36:27.0187 2576	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:36:27.0437 2576	cbidf2k - ok
15:36:27.0484 2576	CCDECODE        (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:36:27.0718 2576	CCDECODE - ok
15:36:27.0734 2576	cd20xrnt - ok
15:36:27.0765 2576	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:36:28.0000 2576	Cdaudio - ok
15:36:28.0062 2576	Cdfs            (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
15:36:28.0328 2576	Cdfs - ok
15:36:28.0375 2576	Cdrom           (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:36:28.0984 2576	Cdrom - ok
15:36:29.0031 2576	cercsr6         (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
15:36:29.0062 2576	cercsr6 ( UnsignedFile.Multi.Generic ) - warning
15:36:29.0062 2576	cercsr6 - detected UnsignedFile.Multi.Generic (1)
15:36:29.0078 2576	Changer - ok
15:36:29.0109 2576	CiSvc           (234d52c63c67a8cf4af9becce43bfb4a) C:\WINDOWS\system32\cisvc.exe
15:36:29.0328 2576	CiSvc - ok
15:36:29.0359 2576	ClipSrv         (0461868578d29dc18fb1c79933c5158a) C:\WINDOWS\system32\clipsrv.exe
15:36:29.0578 2576	ClipSrv - ok
15:36:29.0593 2576	CmdIde - ok
15:36:29.0750 2576	cmpci           (5ae0fe76e8487d1966a852c135c07142) C:\WINDOWS\system32\drivers\cmaudio.sys
15:36:29.0937 2576	cmpci ( UnsignedFile.Multi.Generic ) - warning
15:36:29.0937 2576	cmpci - detected UnsignedFile.Multi.Generic (1)
15:36:29.0937 2576	COMSysApp - ok
15:36:29.0968 2576	Cpqarray - ok
15:36:30.0031 2576	CryptSvc        (1a5f9db98df7955b4c7cbdbf2c638238) C:\WINDOWS\System32\cryptsvc.dll
15:36:30.0281 2576	CryptSvc - ok
15:36:30.0296 2576	dac2w2k - ok
15:36:30.0312 2576	dac960nt - ok
15:36:30.0484 2576	DcomLaunch      (d45bbcddc74a1b0259a0c4b00c190d20) C:\WINDOWS\system32\rpcss.dll
15:36:30.0765 2576	DcomLaunch - ok
15:36:30.0843 2576	Dhcp            (69f986b2688ba95a0d9362b0e233d5ff) C:\WINDOWS\System32\dhcpcsvc.dll
15:36:31.0093 2576	Dhcp - ok
15:36:31.0156 2576	Disk            (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
15:36:31.0406 2576	Disk - ok
15:36:31.0421 2576	dmadmin - ok
15:36:31.0718 2576	dmboot          (5789b83ba87fc84c3568cf86cacef8ce) C:\WINDOWS\system32\drivers\dmboot.sys
15:36:32.0390 2576	dmboot - ok
15:36:32.0468 2576	dmio            (084eb0a50a4f7b4705c8a57f234e5291) C:\WINDOWS\system32\drivers\dmio.sys
15:36:32.0734 2576	dmio - ok
15:36:32.0781 2576	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:36:32.0984 2576	dmload - ok
15:36:33.0046 2576	dmserver        (fa2d9d1a9f6b5a88d01e1685ce2378ba) C:\WINDOWS\System32\dmserver.dll
15:36:33.0265 2576	dmserver - ok
15:36:33.0328 2576	DMusic          (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
15:36:33.0562 2576	DMusic - ok
15:36:33.0640 2576	Dnscache        (d1f5b71bbaeee07b78980dbd878c0bc7) C:\WINDOWS\System32\dnsrslvr.dll
15:36:33.0859 2576	Dnscache - ok
15:36:33.0859 2576	dpti2o - ok
15:36:33.0921 2576	drmkaud         (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
15:36:34.0140 2576	drmkaud - ok
15:36:34.0203 2576	ERSvc           (877a4512cc9074d6954776af47021766) C:\WINDOWS\System32\ersvc.dll
15:36:34.0421 2576	ERSvc - ok
15:36:34.0500 2576	Eventlog        (65f6b774819bd727358157cedea67b8e) C:\WINDOWS\system32\services.exe
15:36:34.0625 2576	Eventlog - ok
15:36:34.0734 2576	EventSystem     (d68ed3908c7a0db446111d34ac40dc18) C:\WINDOWS\system32\es.dll
15:36:34.0875 2576	EventSystem - ok
15:36:34.0953 2576	Fastfat         (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
15:36:35.0234 2576	Fastfat - ok
15:36:35.0343 2576	FastUserSwitchingCompatibility (bac5f7f0c2b8c1b9832594851e0f9914) C:\WINDOWS\System32\shsvcs.dll
15:36:35.0609 2576	FastUserSwitchingCompatibility - ok
15:36:35.0671 2576	Fdc             (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:36:35.0890 2576	Fdc - ok
15:36:35.0953 2576	Fips            (9e9af89f9b14aa6249065c309ce73bd8) C:\WINDOWS\system32\drivers\Fips.sys
15:36:36.0156 2576	Fips - ok
15:36:36.0218 2576	Flpydisk        (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:36:36.0437 2576	Flpydisk - ok
15:36:36.0812 2576	FltMgr          (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:36:37.0062 2576	FltMgr - ok
15:36:39.0546 2576	FSDFWD          (7cd27e80dfd22f02fbda47b706aba0f2) C:\Programme\Kabel Deutschland\Sicherheitspaket\FWES\Program\fsdfwd.exe
15:36:40.0171 2576	FSDFWD - ok
15:36:40.0578 2576	FSFW            (fe5918f5c839f7bbf74fb91743dd4262) C:\WINDOWS\system32\drivers\fsdfw.sys
15:36:40.0828 2576	FSFW - ok
15:36:41.0937 2576	FSMA            (8a556a81e9ff95bd9eb7207783e8fcf4) C:\Programme\Kabel Deutschland\Sicherheitspaket\Common\FSMA32.EXE
15:36:42.0078 2576	FSMA - ok
15:36:42.0593 2576	FSORSPClient    (4a2959c876621be4d7c973f63099bc6e) C:\Programme\Kabel Deutschland\Sicherheitspaket\ORSP Client\fsorsp.exe
15:36:42.0640 2576	FSORSPClient - ok
15:36:42.0796 2576	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:36:43.0031 2576	Fs_Rec - ok
15:36:43.0250 2576	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:36:43.0515 2576	Ftdisk - ok
15:36:43.0578 2576	gameenum        (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
15:36:43.0859 2576	gameenum - ok
15:36:43.0890 2576	ggflt           (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
15:36:43.0984 2576	ggflt - ok
15:36:44.0078 2576	ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
15:36:44.0093 2576	ggsemc - ok
15:36:44.0375 2576	Gpc             (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:36:44.0609 2576	Gpc - ok
15:36:44.0718 2576	gusvc           (c1b577b2169900f4cf7190c39f085794) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
15:36:44.0781 2576	gusvc - ok
15:36:44.0984 2576	helpsvc         (ba85bcf1a2bcf927c3600574173403e0) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:36:45.0203 2576	helpsvc - ok
15:36:45.0250 2576	HidServ         (b647ca198b9c73056abfb0a9d8f4916d) C:\WINDOWS\System32\hidserv.dll
15:36:45.0515 2576	HidServ - ok
15:36:45.0796 2576	hidusb          (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:36:46.0015 2576	hidusb - ok
15:36:46.0015 2576	hpn - ok
15:36:46.0171 2576	HTTP            (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
15:36:46.0390 2576	HTTP - ok
15:36:46.0437 2576	HTTPFilter      (9ec7e866bbdbf3ecc0e67f4e0a838eb2) C:\WINDOWS\System32\w3ssl.dll
15:36:46.0656 2576	HTTPFilter - ok
15:36:46.0656 2576	i2omgmt - ok
15:36:46.0671 2576	i2omp - ok
15:36:46.0718 2576	i8042prt        (7c575018d0413440d75432a78b88c899) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:36:46.0953 2576	i8042prt - ok
15:36:47.0015 2576	Imapi           (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:36:47.0250 2576	Imapi - ok
15:36:47.0359 2576	ImapiService    (57d7267a9ed91ecaf4336b08c9628fca) C:\WINDOWS\system32\imapi.exe
15:36:47.0609 2576	ImapiService - ok
15:36:47.0625 2576	ini910u - ok
15:36:47.0687 2576	IntelIde        (d63c33f65f6ebc732116403d88883b2d) C:\WINDOWS\system32\DRIVERS\intelide.sys
15:36:47.0890 2576	IntelIde - ok
15:36:47.0937 2576	Ip6Fw           (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:36:48.0296 2576	Ip6Fw - ok
15:36:48.0343 2576	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:36:48.0562 2576	IpFilterDriver - ok
15:36:48.0578 2576	IpInIp          (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:36:48.0781 2576	IpInIp - ok
15:36:48.0890 2576	IpNat           (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:36:49.0250 2576	IpNat - ok
15:36:49.0375 2576	IPSec           (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:36:49.0625 2576	IPSec - ok
15:36:49.0656 2576	IRENUM          (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:36:49.0765 2576	IRENUM - ok
15:36:49.0921 2576	isapnp          (ce9b7afdf0a3d7dd8d1487262316b959) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:36:50.0203 2576	isapnp - ok
15:36:50.0421 2576	JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Programme\Java\jre6\bin\jqs.exe
15:36:50.0484 2576	JavaQuickStarterService - ok
15:36:50.0718 2576	Kbdclass        (b128fc0a5cd83f669d5de4b58f77c7d6) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:36:50.0921 2576	Kbdclass - ok
15:36:51.0250 2576	kmixer          (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
15:36:51.0671 2576	kmixer - ok
15:36:51.0734 2576	KSecDD          (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
15:36:51.0828 2576	KSecDD - ok
15:36:51.0921 2576	lanmanserver    (f8170aa51cd202bc062b8a0983f361b7) C:\WINDOWS\System32\srvsvc.dll
15:36:52.0390 2576	lanmanserver - ok
15:36:52.0671 2576	lanmanworkstation (f716a6f5babb6da60c0532510ab52245) C:\WINDOWS\System32\wkssvc.dll
15:36:52.0750 2576	lanmanworkstation - ok
15:36:52.0765 2576	lbrtfdc - ok
15:36:52.0984 2576	LmHosts         (4c25fadd7fe1d5bd779b20d3d0eb8d7c) C:\WINDOWS\System32\lmhsvc.dll
15:36:53.0218 2576	LmHosts - ok
15:36:53.0281 2576	LVPr2Mon        (1a7db7a00a4b0d8da24cd691a4547291) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
15:36:53.0296 2576	LVPr2Mon - ok
15:36:53.0515 2576	LVPrcSrv        (0ddfdcaa92c7f553328db06ba599bea9) C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
15:36:53.0578 2576	LVPrcSrv - ok
15:36:53.0843 2576	LVRS            (87ecce893d8aec5a9337b917742d339c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
15:36:53.0984 2576	LVRS - ok
15:36:54.0078 2576	MBAMSwissArmy   (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
15:36:54.0109 2576	MBAMSwissArmy - ok
15:36:54.0171 2576	Messenger       (e5215ab942c5ac5f7eb0e54871d7a27c) C:\WINDOWS\System32\msgsvc.dll
15:36:54.0437 2576	Messenger - ok
15:36:54.0468 2576	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:36:54.0734 2576	mnmdd - ok
15:36:54.0843 2576	mnmsrvc         (bb2470d20405b272ea47ca5e18f1c58e) C:\WINDOWS\system32\mnmsrvc.exe
15:36:55.0078 2576	mnmsrvc - ok
15:36:55.0156 2576	Modem           (91a3da4b12f6f1d760463a7f7857f748) C:\WINDOWS\system32\drivers\Modem.sys
15:36:55.0406 2576	Modem - ok
15:36:55.0484 2576	Mouclass        (71e15ca47fd947552054afb28536268f) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:36:55.0718 2576	Mouclass - ok
15:36:55.0765 2576	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:36:55.0984 2576	mouhid - ok
15:36:56.0046 2576	MountMgr        (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
15:36:56.0312 2576	MountMgr - ok
15:36:56.0390 2576	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
15:36:56.0468 2576	MozillaMaintenance - ok
15:36:56.0515 2576	mraid35x - ok
15:36:56.0656 2576	MRxDAV          (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:36:56.0921 2576	MRxDAV - ok
15:36:57.0156 2576	MRxSmb          (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:36:57.0609 2576	MRxSmb - ok
15:36:57.0656 2576	MSDTC           (d059f9c7752ef461476e83180daa5c62) C:\WINDOWS\system32\msdtc.exe
15:36:57.0890 2576	MSDTC - ok
15:36:57.0937 2576	Msfs            (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
15:36:58.0531 2576	Msfs - ok
15:36:58.0531 2576	MSIServer - ok
15:36:58.0578 2576	MSKSSRV         (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:36:59.0515 2576	MSKSSRV - ok
15:36:59.0546 2576	MSPCLOCK        (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:36:59.0781 2576	MSPCLOCK - ok
15:36:59.0843 2576	MSPQM           (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
15:37:00.0062 2576	MSPQM - ok
15:37:00.0109 2576	mssmbios        (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:37:00.0390 2576	mssmbios - ok
15:37:00.0437 2576	MSTEE           (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
15:37:00.0625 2576	MSTEE - ok
15:37:00.0656 2576	ms_mpu401       (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
15:37:00.0859 2576	ms_mpu401 - ok
15:37:00.0937 2576	Mup             (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
15:37:01.0140 2576	Mup - ok
15:37:01.0218 2576	NABTSFEC        (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:37:01.0578 2576	NABTSFEC - ok
15:37:01.0828 2576	NDIS            (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
15:37:02.0109 2576	NDIS - ok
15:37:02.0156 2576	NdisIP          (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:37:02.0390 2576	NdisIP - ok
15:37:02.0437 2576	NdisTapi        (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:37:02.0656 2576	NdisTapi - ok
15:37:02.0703 2576	Ndisuio         (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:37:02.0921 2576	Ndisuio - ok
15:37:03.0000 2576	NdisWan         (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:37:03.0234 2576	NdisWan - ok
15:37:03.0281 2576	NDProxy         (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
15:37:03.0484 2576	NDProxy - ok
15:37:03.0515 2576	NetBIOS         (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:37:03.0718 2576	NetBIOS - ok
15:37:03.0828 2576	NetBT           (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:37:04.0062 2576	NetBT - ok
15:37:04.0140 2576	NetDDE          (f4eff57254f565f39b6029150414a0d5) C:\WINDOWS\system32\netdde.exe
15:37:04.0484 2576	NetDDE - ok
15:37:04.0734 2576	NetDDEdsdm      (f4eff57254f565f39b6029150414a0d5) C:\WINDOWS\system32\netdde.exe
15:37:04.0937 2576	NetDDEdsdm - ok
15:37:05.0000 2576	Netlogon        (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
15:37:05.0187 2576	Netlogon - ok
15:37:05.0281 2576	Netman          (cdf4da6b518105343fe9e8afbbf8fbf4) C:\WINDOWS\System32\netman.dll
15:37:05.0531 2576	Netman - ok
15:37:05.0609 2576	NIC1394         (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:37:05.0828 2576	NIC1394 - ok
15:37:05.0953 2576	Nla             (774274c487493452df3b0126dbe7ff3b) C:\WINDOWS\System32\mswsock.dll
15:37:06.0125 2576	Nla - ok
15:37:06.0171 2576	nm              (60cf8c7192b3614f240838ddbaa4a245) C:\WINDOWS\system32\DRIVERS\NMnt.sys
15:37:06.0390 2576	nm - ok
15:37:06.0437 2576	Npfs            (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
15:37:06.0640 2576	Npfs - ok
15:37:06.0875 2576	Ntfs            (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
15:37:07.0296 2576	Ntfs - ok
15:37:07.0312 2576	NtLmSsp         (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
15:37:07.0515 2576	NtLmSsp - ok
15:37:07.0687 2576	NtmsSvc         (428aa946a8d9f32dbb4260c8e6e13377) C:\WINDOWS\system32\ntmssvc.dll
15:37:08.0093 2576	NtmsSvc - ok
15:37:08.0140 2576	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:37:08.0343 2576	Null - ok
15:37:08.0734 2576	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:37:08.0921 2576	NwlnkFlt - ok
15:37:08.0937 2576	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:37:09.0140 2576	NwlnkFwd - ok
15:37:09.0203 2576	ohci1394        (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:37:09.0515 2576	ohci1394 - ok
15:37:09.0859 2576	Parport         (b2f17a2edb5450e61973a037f63a595b) C:\WINDOWS\system32\DRIVERS\parport.sys
15:37:10.0078 2576	Parport - ok
15:37:10.0125 2576	PartMgr         (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
15:37:10.0359 2576	PartMgr - ok
15:37:10.0375 2576	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:37:10.0593 2576	ParVdm - ok
15:37:10.0656 2576	PCI             (6fb463e5b243fbd6f3d3c83f914d94fb) C:\WINDOWS\system32\DRIVERS\pci.sys
15:37:11.0125 2576	PCI - ok
15:37:11.0125 2576	PCIDump - ok
15:37:11.0140 2576	PCIIde - ok
15:37:11.0234 2576	Pcmcia          (e2363f4c1daff89abee5f593e13d8a05) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:37:11.0484 2576	Pcmcia - ok
15:37:11.0500 2576	PDCOMP - ok
15:37:11.0515 2576	PDFRAME - ok
15:37:11.0515 2576	PDRELI - ok
15:37:11.0609 2576	PDRFRAME - ok
15:37:11.0656 2576	pepifilter      (b20f958b207e6aaac5f70d04dd2c30d8) C:\WINDOWS\system32\DRIVERS\lv302af.sys
15:37:11.0671 2576	pepifilter - ok
15:37:11.0671 2576	perc2 - ok
15:37:11.0687 2576	perc2hib - ok
15:37:11.0765 2576	pgusbmme        (b2ac1295446d1acff2e499134f0572ce) C:\WINDOWS\system32\drivers\pgusbmm3.sys
15:37:11.0796 2576	pgusbmme - ok
15:37:11.0968 2576	pgusbwdm        (14de008c4c5548c52168d7498ce2858d) C:\WINDOWS\system32\Drivers\pgusbwdm.sys
15:37:12.0359 2576	pgusbwdm - ok
15:37:13.0750 2576	PID_PEPI        (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
15:37:20.0953 2576	PID_PEPI - ok
15:37:24.0406 2576	PlugPlay        (65f6b774819bd727358157cedea67b8e) C:\WINDOWS\system32\services.exe
15:37:24.0546 2576	PlugPlay - ok
15:37:24.0843 2576	PolicyAgent     (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
15:37:25.0031 2576	PolicyAgent - ok
15:37:25.0781 2576	PptpMiniport    (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:37:26.0078 2576	PptpMiniport - ok
15:37:26.0078 2576	ProtectedStorage (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
15:37:26.0265 2576	ProtectedStorage - ok
15:37:26.0406 2576	PSched          (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
15:37:26.0937 2576	PSched - ok
15:37:27.0125 2576	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:37:27.0437 2576	Ptilink - ok
15:37:27.0687 2576	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:37:27.0796 2576	PxHelp20 - ok
15:37:27.0796 2576	ql1080 - ok
15:37:27.0812 2576	Ql10wnt - ok
15:37:27.0828 2576	ql12160 - ok
15:37:27.0828 2576	ql1240 - ok
15:37:27.0843 2576	ql1280 - ok
15:37:28.0000 2576	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:37:28.0296 2576	RasAcd - ok
15:37:28.0640 2576	RasAuto         (e3c6e87c1f84584a773d7c3dd205dbff) C:\WINDOWS\System32\rasauto.dll
15:37:28.0859 2576	RasAuto - ok
15:37:28.0921 2576	Rasl2tp         (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:37:29.0125 2576	Rasl2tp - ok
15:37:29.0218 2576	RasMan          (a5d2d745a2aefa327dca6da317b5fd70) C:\WINDOWS\System32\rasmans.dll
15:37:29.0453 2576	RasMan - ok
15:37:29.0500 2576	RasPppoe        (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:37:29.0703 2576	RasPppoe - ok
15:37:29.0734 2576	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:37:29.0953 2576	Raspti - ok
15:37:30.0062 2576	Rdbss           (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:37:30.0296 2576	Rdbss - ok
15:37:30.0328 2576	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:37:30.0531 2576	RDPCDD - ok
15:37:30.0640 2576	RDPWD           (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
15:37:30.0859 2576	RDPWD - ok
15:37:30.0968 2576	RDSessMgr       (aec159942df64a9890072d7bb1797762) C:\WINDOWS\system32\sessmgr.exe
15:37:31.0203 2576	RDSessMgr - ok
15:37:31.0265 2576	redbook         (aa56702e230860565cb8d43680f57f33) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:37:31.0515 2576	redbook - ok
15:37:31.0593 2576	RemoteAccess    (eba80cdf25e02084857957e820004934) C:\WINDOWS\System32\mprdim.dll
15:37:31.0796 2576	RemoteAccess - ok
15:37:31.0859 2576	RpcLocator      (da23f9f3f1b1871120f980a6879581ac) C:\WINDOWS\system32\locator.exe
15:37:32.0078 2576	RpcLocator - ok
15:37:32.0250 2576	RpcSs           (d45bbcddc74a1b0259a0c4b00c190d20) C:\WINDOWS\system32\rpcss.dll
15:37:32.0500 2576	RpcSs - ok
15:37:32.0578 2576	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
15:37:32.0828 2576	RSVP - ok
15:37:32.0859 2576	rtl8139         (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
15:37:33.0062 2576	rtl8139 - ok
15:37:33.0140 2576	s1029bus        (69013a123a00b3042c260b0056df0152) C:\WINDOWS\system32\DRIVERS\s1029bus.sys
15:37:33.0171 2576	s1029bus - ok
15:37:33.0203 2576	s1029mdfl       (1565fc31f872963fe8af471123d8424c) C:\WINDOWS\system32\DRIVERS\s1029mdfl.sys
15:37:33.0218 2576	s1029mdfl - ok
15:37:33.0296 2576	s1029mdm        (d67a8042ecf6c983ac0e308b36603677) C:\WINDOWS\system32\DRIVERS\s1029mdm.sys
15:37:33.0343 2576	s1029mdm - ok
15:37:33.0406 2576	s1029mgmt       (9ac56f06c1e13a963c82ebd067fdf274) C:\WINDOWS\system32\DRIVERS\s1029mgmt.sys
15:37:33.0453 2576	s1029mgmt - ok
15:37:33.0484 2576	s1029nd5        (00c66c6baafb2747f15f94f15888c94a) C:\WINDOWS\system32\DRIVERS\s1029nd5.sys
15:37:33.0500 2576	s1029nd5 - ok
15:37:33.0562 2576	s1029obex       (6fc093aba554e45755dc2f3896b6c8d7) C:\WINDOWS\system32\DRIVERS\s1029obex.sys
15:37:33.0609 2576	s1029obex - ok
15:37:33.0656 2576	s1029unic       (9979b0e68815394665b2109b03d15fa1) C:\WINDOWS\system32\DRIVERS\s1029unic.sys
15:37:33.0703 2576	s1029unic - ok
15:37:33.0750 2576	SamSs           (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
15:37:33.0937 2576	SamSs - ok
15:37:34.0015 2576	SCardSvr        (b4cf7b42de6cfa6fde7d6af4daa55f57) C:\WINDOWS\System32\SCardSvr.exe
15:37:34.0234 2576	SCardSvr - ok
15:37:34.0359 2576	Schedule        (d5e73842f38e24457c63fef8ceffbe19) C:\WINDOWS\system32\schedsvc.dll
15:37:34.0625 2576	Schedule - ok
15:37:34.0656 2576	Secdrv          (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:37:34.0781 2576	Secdrv - ok
15:37:34.0843 2576	seclogon        (fed544b43903fb801b106f062110358a) C:\WINDOWS\System32\seclogon.dll
15:37:35.0031 2576	seclogon - ok
15:37:35.0062 2576	SENS            (ab74d986c1dd0d0c95b6ad37ec1e9f4f) C:\WINDOWS\system32\sens.dll
15:37:35.0250 2576	SENS - ok
15:37:35.0296 2576	serenum         (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:37:35.0546 2576	serenum - ok
15:37:35.0578 2576	Serial          (cd5b9995afcdb466c9efc048d167e3be) C:\WINDOWS\system32\DRIVERS\serial.sys
15:37:35.0781 2576	Serial - ok
15:37:35.0812 2576	Sfloppy         (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:37:36.0015 2576	Sfloppy - ok
15:37:36.0156 2576	SharedAccess    (9245420422e409a25c1410acb4244060) C:\WINDOWS\System32\ipnathlp.dll
15:37:36.0734 2576	SharedAccess - ok
15:37:36.0828 2576	ShellHWDetection (bac5f7f0c2b8c1b9832594851e0f9914) C:\WINDOWS\System32\shsvcs.dll
15:37:37.0031 2576	ShellHWDetection - ok
15:37:37.0031 2576	Simbad - ok
15:37:37.0093 2576	SLIP            (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:37:37.0281 2576	SLIP - ok
15:37:37.0546 2576	Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Programme\Sony\Sony PC Companion\PCCService.exe
15:37:37.0593 2576	Sony PC Companion - ok
15:37:37.0609 2576	Sparrow - ok
15:37:37.0656 2576	splitter        (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
15:37:37.0859 2576	splitter - ok
15:37:37.0937 2576	Spooler         (54e7113a4bd696e430919bcaf5c65e06) C:\WINDOWS\system32\spoolsv.exe
15:37:38.0125 2576	Spooler - ok
15:37:38.0187 2576	sr              (e4200cb2f418d8fc4acdd7e38c419d6a) C:\WINDOWS\system32\DRIVERS\sr.sys
15:37:38.0328 2576	sr - ok
15:37:38.0406 2576	srservice       (015f302c4cf961f20c3f98f3a7ca7917) C:\WINDOWS\system32\srsvc.dll
15:37:38.0578 2576	srservice - ok
15:37:38.0734 2576	Srv             (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
15:37:39.0031 2576	Srv - ok
15:37:39.0109 2576	SSDPSRV         (6fa03b462b2fffe2627171b7fe73ee29) C:\WINDOWS\System32\ssdpsrv.dll
15:37:39.0234 2576	SSDPSRV - ok
15:37:39.0390 2576	stisvc          (7e751068ada60fc77638622e86a7cd9e) C:\WINDOWS\system32\wiaservc.dll
15:37:39.0984 2576	stisvc - ok
15:37:40.0031 2576	streamip        (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:37:40.0218 2576	streamip - ok
15:37:40.0265 2576	swenum          (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:37:40.0484 2576	swenum - ok
15:37:40.0515 2576	swmidi          (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
15:37:40.0718 2576	swmidi - ok
15:37:40.0734 2576	SwPrv - ok
15:37:40.0734 2576	symc810 - ok
15:37:40.0750 2576	symc8xx - ok
15:37:40.0765 2576	sym_hi - ok
15:37:40.0765 2576	sym_u3 - ok
15:37:40.0828 2576	sysaudio        (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
15:37:41.0046 2576	sysaudio - ok
15:37:41.0125 2576	SysmonLog       (6d0c43df9d3a7c5a9b4f94772cbd5ddc) C:\WINDOWS\system32\smlogsvc.exe
15:37:41.0343 2576	SysmonLog - ok
15:37:41.0468 2576	TapiSrv         (4584e2a5fe662ab3e7c32936e1449043) C:\WINDOWS\System32\tapisrv.dll
15:37:41.0765 2576	TapiSrv - ok
15:37:41.0921 2576	Tcpip           (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:37:42.0171 2576	Tcpip - ok
15:37:42.0218 2576	TDPIPE          (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:37:42.0421 2576	TDPIPE - ok
15:37:42.0453 2576	TDTCP           (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
15:37:42.0656 2576	TDTCP - ok
15:37:42.0703 2576	TermDD          (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:37:42.0921 2576	TermDD - ok
15:37:43.0250 2576	TermService     (1850bc10de5dcccede063fc2d0f2ceda) C:\WINDOWS\System32\termsrv.dll
15:37:43.0578 2576	TermService - ok
15:37:43.0671 2576	Themes          (bac5f7f0c2b8c1b9832594851e0f9914) C:\WINDOWS\System32\shsvcs.dll
15:37:43.0859 2576	Themes - ok
15:37:43.0859 2576	TosIde - ok
15:37:43.0906 2576	TrkWks          (a34e894201d66e380e1fa96fe11b587e) C:\WINDOWS\system32\trkwks.dll
15:37:44.0140 2576	TrkWks - ok
15:37:44.0203 2576	Udfs            (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
15:37:44.0437 2576	Udfs - ok
15:37:44.0453 2576	ultra - ok
15:37:44.0546 2576	Update          (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
15:37:45.0078 2576	Update - ok
15:37:45.0171 2576	upnphost        (09d4a2d7c5a8abec227d118765faaddf) C:\WINDOWS\System32\upnphost.dll
15:37:45.0328 2576	upnphost - ok
15:37:45.0343 2576	UPS             (a99f867e76cfdaa28ee305b93f70e84f) C:\WINDOWS\System32\ups.exe
15:37:45.0625 2576	UPS - ok
15:37:45.0687 2576	usbaudio        (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
15:37:45.0890 2576	usbaudio - ok
15:37:45.0953 2576	usbccgp         (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:37:46.0171 2576	usbccgp - ok
15:37:46.0421 2576	usbehci         (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:37:46.0625 2576	usbehci - ok
15:37:46.0687 2576	usbhub          (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:37:47.0218 2576	usbhub - ok
15:37:47.0265 2576	usbohci         (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:37:47.0468 2576	usbohci - ok
15:37:47.0531 2576	USBSTOR         (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:37:47.0750 2576	USBSTOR - ok
15:37:47.0781 2576	usbuhci         (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:37:48.0000 2576	usbuhci - ok
15:37:48.0046 2576	VgaSave         (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
15:37:48.0390 2576	VgaSave - ok
15:37:48.0484 2576	ViaIde - ok
15:37:48.0656 2576	VolSnap         (d6888520ff56d72a50437e371ca25fc9) C:\WINDOWS\system32\drivers\VolSnap.sys
15:37:48.0875 2576	VolSnap - ok
15:37:49.0000 2576	VSS             (6635ecbf0d8090dc3a452d0d072b5d5b) C:\WINDOWS\System32\vssvc.exe
15:37:49.0218 2576	VSS - ok
15:37:49.0343 2576	W32Time         (c6d874cd2a5b83cd11cdebd28a638584) C:\WINDOWS\system32\w32time.dll
15:37:49.0921 2576	W32Time - ok
15:37:49.0984 2576	Wanarp          (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:37:50.0203 2576	Wanarp - ok
15:37:50.0437 2576	Wdf01000        (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
15:37:50.0687 2576	Wdf01000 - ok
15:37:50.0687 2576	WDICA - ok
15:37:50.0750 2576	wdmaud          (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
15:37:51.0203 2576	wdmaud - ok
15:37:51.0265 2576	WebClient       (1eb51feea9d3208eae60604f4346c02e) C:\WINDOWS\System32\webclnt.dll
15:37:51.0593 2576	WebClient - ok
15:37:51.0843 2576	winmgmt         (da2dadb42916e59c6e4bba593bccda73) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:37:52.0093 2576	winmgmt - ok
15:37:52.0140 2576	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:37:52.0203 2576	WmdmPmSN - ok
15:37:52.0296 2576	WmiApSrv        (042a78fcd1adfb0fba9865d55c6f5cc1) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:37:52.0562 2576	WmiApSrv - ok
15:37:52.0609 2576	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
15:37:52.0640 2576	WpdUsb - ok
15:37:52.0734 2576	wscsvc          (bd3561aae748150cf51c2ca876449ea7) C:\WINDOWS\system32\wscsvc.dll
15:37:52.0953 2576	wscsvc - ok
15:37:53.0015 2576	WSTCODEC        (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:37:53.0218 2576	WSTCODEC - ok
15:37:53.0265 2576	wuauserv        (1eddd5c0ecf3fa6edfd8a25b2b4e7df6) C:\WINDOWS\system32\wuauserv.dll
15:37:53.0468 2576	wuauserv - ok
15:37:53.0546 2576	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:37:53.0812 2576	WudfPf - ok
15:37:53.0968 2576	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:37:54.0031 2576	WudfRd - ok
15:37:54.0078 2576	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:37:54.0125 2576	WudfSvc - ok
15:37:54.0562 2576	WZCSVC          (ae83ada96575dacf533c2bcb1fc163dc) C:\WINDOWS\System32\wzcsvc.dll
15:37:54.0953 2576	WZCSVC - ok
15:37:55.0015 2576	xmlprov         (8302de1c64618d72346dd0034dbc5d9b) C:\WINDOWS\System32\xmlprov.dll
15:37:55.0250 2576	xmlprov - ok
15:37:55.0296 2576	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:37:55.0578 2576	\Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:37:55.0578 2576	\Device\Harddisk0\DR0 - detected TDSS File System (1)
15:37:55.0578 2576	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
15:37:55.0671 2576	\Device\Harddisk1\DR1 - ok
15:37:55.0718 2576	Boot (0x1200)   (a9195009246e6410ff96c613a32119e7) \Device\Harddisk0\DR0\Partition0
15:37:55.0718 2576	\Device\Harddisk0\DR0\Partition0 - ok
15:37:55.0718 2576	Boot (0x1200)   (1d33da686c50fbeddca4b5b05e85c498) \Device\Harddisk1\DR1\Partition0
15:37:55.0718 2576	\Device\Harddisk1\DR1\Partition0 - ok
15:37:55.0718 2576	============================================================
15:37:55.0718 2576	Scan finished
15:37:55.0718 2576	============================================================
15:37:55.0859 2968	Detected object count: 4
15:37:55.0859 2968	Actual detected object count: 4
15:38:32.0375 2968	BEHRINGER_2902 ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:32.0375 2968	BEHRINGER_2902 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:32.0406 2968	cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:32.0406 2968	cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:32.0406 2968	cmpci ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:32.0406 2968	cmpci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:32.0406 2968	\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:38:32.0406 2968	\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

cosinus · 07.05.2012, 15:33

Zitat:

15:38:32.0406 2968 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:38:32.0406 2968 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Das TDSS File System bitte mit dem TDSS-Killer löschen lassen, starte Windows danach neu und mach ein neues Log mit diesem Tool. Poste es wieder mit CODE-Tags umschlossen.

frusciante · 07.05.2012, 15:51

Sorry aber ich weiß gerade nicht so recht was und wie ich das machen soll.

soll ich jetzt nur die 2 Sachen löschen?
15:38:32.0406 2968 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:38:32.0406 2968 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

wenn ja wie mach ich das mit dem TDSS-Killer? oder soll ich alle im Programm gefundenen Objekte löschen?

cosinus · 07.05.2012, 18:39

Du musst den TDSS-Killer nochmal scannen lassen, wenn die Ergebnisse angezeigt werden alles skippen, nur das TDSS Files System löschen

frusciante · 08.05.2012, 18:14

Code:

ATTFilter

19:11:40.0859 4060	TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
19:11:41.0296 4060	============================================================
19:11:41.0296 4060	Current date / time: 2012/05/08 19:11:41.0296
19:11:41.0296 4060	SystemInfo:
19:11:41.0296 4060	
19:11:41.0296 4060	OS Version: 5.1.2600 ServicePack: 2.0
19:11:41.0296 4060	Product type: Workstation
19:11:41.0296 4060	ComputerName: FREUDENHAUS
19:11:41.0296 4060	UserName: caro
19:11:41.0296 4060	Windows directory: C:\WINDOWS
19:11:41.0296 4060	System windows directory: C:\WINDOWS
19:11:41.0296 4060	Processor architecture: Intel x86
19:11:41.0296 4060	Number of processors: 1
19:11:41.0296 4060	Page size: 0x1000
19:11:41.0296 4060	Boot type: Normal boot
19:11:41.0296 4060	============================================================
19:11:43.0906 4060	Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:11:43.0921 4060	Drive \Device\Harddisk1\DR1 - Size: 0xE51424000 (57.27 Gb), SectorSize: 0x200, Cylinders: 0x1D34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:11:43.0921 4060	============================================================
19:11:43.0921 4060	\Device\Harddisk0\DR0:
19:11:43.0921 4060	MBR partitions:
19:11:43.0921 4060	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
19:11:43.0921 4060	\Device\Harddisk1\DR1:
19:11:43.0921 4060	MBR partitions:
19:11:43.0921 4060	\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7285D34
19:11:43.0921 4060	============================================================
19:11:44.0343 4060	C: <-> \Device\Harddisk0\DR0\Partition0
19:11:44.0406 4060	D: <-> \Device\Harddisk1\DR1\Partition0
19:11:44.0437 4060	============================================================
19:11:44.0437 4060	Initialize success
19:11:44.0437 4060	============================================================
19:11:48.0890 0236	============================================================
19:11:48.0890 0236	Scan started
19:11:48.0890 0236	Mode: Manual; SigCheck; TDLFS; 
19:11:48.0890 0236	============================================================
19:11:49.0734 0236	Abiosdsk - ok
19:11:49.0781 0236	abp480n5 - ok
19:11:49.0921 0236	ACPI            (94b4741d2cf9ed38140b831293d1601a) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:11:55.0578 0236	ACPI - ok
19:11:55.0640 0236	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:11:55.0953 0236	ACPIEC - ok
19:11:55.0953 0236	adpu160m - ok
19:11:56.0062 0236	aec             (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
19:11:56.0359 0236	aec - ok
19:11:56.0453 0236	AFD             (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
19:11:56.0531 0236	AFD - ok
19:11:56.0609 0236	agp440          (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
19:11:56.0875 0236	agp440 - ok
19:11:56.0875 0236	Aha154x - ok
19:11:56.0890 0236	aic78u2 - ok
19:11:56.0906 0236	aic78xx - ok
19:11:56.0953 0236	Alerter         (1aab6c5f8376357cb9b16c38c42c4076) C:\WINDOWS\system32\alrsvc.dll
19:11:57.0343 0236	Alerter - ok
19:11:57.0390 0236	ALG             (6596dd260ffde1bdc994c1df236307bb) C:\WINDOWS\System32\alg.exe
19:11:57.0546 0236	ALG - ok
19:11:57.0546 0236	AliIde - ok
19:11:57.0562 0236	amsint - ok
19:11:57.0578 0236	AppMgmt - ok
19:11:57.0671 0236	Arp1394         (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:11:57.0953 0236	Arp1394 - ok
19:11:57.0968 0236	asc - ok
19:11:57.0984 0236	asc3350p - ok
19:11:58.0000 0236	asc3550 - ok
19:11:58.0031 0236	AsyncMac        (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:11:58.0281 0236	AsyncMac - ok
19:11:58.0359 0236	atapi           (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:11:58.0625 0236	atapi - ok
19:11:58.0640 0236	Atdisk - ok
19:11:58.0750 0236	Atmarpc         (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:11:59.0015 0236	Atmarpc - ok
19:11:59.0296 0236	AudioSrv        (e98b8250398f6637b335a76ba8dfb602) C:\WINDOWS\System32\audiosrv.dll
19:11:59.0703 0236	AudioSrv - ok
19:11:59.0890 0236	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:12:00.0593 0236	audstub - ok
19:12:00.0671 0236	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:12:01.0062 0236	Beep - ok
19:12:01.0265 0236	BEHRINGER_2902  (4ee79dc79d821500d5174047a9af708c) C:\WINDOWS\system32\Drivers\BUSB2902.sys
19:12:01.0593 0236	BEHRINGER_2902 ( UnsignedFile.Multi.Generic ) - warning
19:12:01.0593 0236	BEHRINGER_2902 - detected UnsignedFile.Multi.Generic (1)
19:12:02.0031 0236	BITS            (3a5e54a9ab96ef2d273b58136fb58efe) C:\WINDOWS\system32\qmgr.dll
19:12:04.0234 0236	BITS - ok
19:12:04.0609 0236	Browser         (d8653dcd80cf2ebb333fc4fcc43a7def) C:\WINDOWS\System32\browser.dll
19:12:04.0921 0236	Browser - ok
19:12:04.0968 0236	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:12:05.0296 0236	cbidf2k - ok
19:12:05.0359 0236	CCDECODE        (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:12:05.0625 0236	CCDECODE - ok
19:12:05.0640 0236	cd20xrnt - ok
19:12:05.0671 0236	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:12:05.0937 0236	Cdaudio - ok
19:12:06.0015 0236	Cdfs            (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
19:12:06.0421 0236	Cdfs - ok
19:12:07.0000 0236	Cdrom           (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:12:09.0203 0236	Cdrom - ok
19:12:09.0265 0236	cercsr6         (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
19:12:09.0296 0236	cercsr6 ( UnsignedFile.Multi.Generic ) - warning
19:12:09.0296 0236	cercsr6 - detected UnsignedFile.Multi.Generic (1)
19:12:09.0312 0236	Changer - ok
19:12:09.0359 0236	CiSvc           (234d52c63c67a8cf4af9becce43bfb4a) C:\WINDOWS\system32\cisvc.exe
19:12:09.0796 0236	CiSvc - ok
19:12:09.0828 0236	ClipSrv         (0461868578d29dc18fb1c79933c5158a) C:\WINDOWS\system32\clipsrv.exe
19:12:10.0125 0236	ClipSrv - ok
19:12:10.0125 0236	CmdIde - ok
19:12:10.0296 0236	cmpci           (5ae0fe76e8487d1966a852c135c07142) C:\WINDOWS\system32\drivers\cmaudio.sys
19:12:10.0546 0236	cmpci ( UnsignedFile.Multi.Generic ) - warning
19:12:10.0546 0236	cmpci - detected UnsignedFile.Multi.Generic (1)
19:12:10.0546 0236	COMSysApp - ok
19:12:10.0562 0236	Cpqarray - ok
19:12:10.0640 0236	CryptSvc        (1a5f9db98df7955b4c7cbdbf2c638238) C:\WINDOWS\System32\cryptsvc.dll
19:12:11.0187 0236	CryptSvc - ok
19:12:11.0187 0236	dac2w2k - ok
19:12:11.0203 0236	dac960nt - ok
19:12:11.0406 0236	DcomLaunch      (d45bbcddc74a1b0259a0c4b00c190d20) C:\WINDOWS\system32\rpcss.dll
19:12:11.0843 0236	DcomLaunch - ok
19:12:11.0937 0236	Dhcp            (69f986b2688ba95a0d9362b0e233d5ff) C:\WINDOWS\System32\dhcpcsvc.dll
19:12:12.0500 0236	Dhcp - ok
19:12:12.0578 0236	Disk            (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
19:12:12.0843 0236	Disk - ok
19:12:12.0859 0236	dmadmin - ok
19:12:13.0203 0236	dmboot          (5789b83ba87fc84c3568cf86cacef8ce) C:\WINDOWS\system32\drivers\dmboot.sys
19:12:14.0515 0236	dmboot - ok
19:12:14.0625 0236	dmio            (084eb0a50a4f7b4705c8a57f234e5291) C:\WINDOWS\system32\drivers\dmio.sys
19:12:14.0921 0236	dmio - ok
19:12:15.0203 0236	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:12:15.0484 0236	dmload - ok
19:12:15.0546 0236	dmserver        (fa2d9d1a9f6b5a88d01e1685ce2378ba) C:\WINDOWS\System32\dmserver.dll
19:12:15.0843 0236	dmserver - ok
19:12:15.0921 0236	DMusic          (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
19:12:16.0281 0236	DMusic - ok
19:12:16.0359 0236	Dnscache        (d1f5b71bbaeee07b78980dbd878c0bc7) C:\WINDOWS\System32\dnsrslvr.dll
19:12:16.0875 0236	Dnscache - ok
19:12:16.0875 0236	dpti2o - ok
19:12:16.0921 0236	drmkaud         (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
19:12:17.0218 0236	drmkaud - ok
19:12:17.0343 0236	ERSvc           (877a4512cc9074d6954776af47021766) C:\WINDOWS\System32\ersvc.dll
19:12:17.0656 0236	ERSvc - ok
19:12:20.0015 0236	Eventlog        (65f6b774819bd727358157cedea67b8e) C:\WINDOWS\system32\services.exe
19:12:20.0484 0236	Eventlog - ok
19:12:20.0625 0236	EventSystem     (d68ed3908c7a0db446111d34ac40dc18) C:\WINDOWS\system32\es.dll
19:12:20.0765 0236	EventSystem - ok
19:12:21.0046 0236	Fastfat         (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
19:12:21.0312 0236	Fastfat - ok
19:12:21.0390 0236	FastUserSwitchingCompatibility (bac5f7f0c2b8c1b9832594851e0f9914) C:\WINDOWS\System32\shsvcs.dll
19:12:21.0953 0236	FastUserSwitchingCompatibility - ok
19:12:22.0000 0236	Fdc             (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:12:22.0265 0236	Fdc - ok
19:12:22.0390 0236	Fips            (9e9af89f9b14aa6249065c309ce73bd8) C:\WINDOWS\system32\drivers\Fips.sys
19:12:22.0640 0236	Fips - ok
19:12:22.0718 0236	Flpydisk        (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:12:23.0046 0236	Flpydisk - ok
19:12:23.0406 0236	FltMgr          (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
19:12:23.0687 0236	FltMgr - ok
19:12:24.0171 0236	FSDFWD          (7cd27e80dfd22f02fbda47b706aba0f2) C:\Programme\Kabel Deutschland\Sicherheitspaket\FWES\Program\fsdfwd.exe
19:12:24.0500 0236	FSDFWD - ok
19:12:24.0562 0236	FSFW            (fe5918f5c839f7bbf74fb91743dd4262) C:\WINDOWS\system32\drivers\fsdfw.sys
19:12:24.0609 0236	FSFW - ok
19:12:25.0203 0236	FSMA            (8a556a81e9ff95bd9eb7207783e8fcf4) C:\Programme\Kabel Deutschland\Sicherheitspaket\Common\FSMA32.EXE
19:12:25.0296 0236	FSMA - ok
19:12:25.0390 0236	FSORSPClient    (4a2959c876621be4d7c973f63099bc6e) C:\Programme\Kabel Deutschland\Sicherheitspaket\ORSP Client\fsorsp.exe
19:12:25.0421 0236	FSORSPClient - ok
19:12:25.0468 0236	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:12:25.0734 0236	Fs_Rec - ok
19:12:25.0828 0236	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:12:26.0156 0236	Ftdisk - ok
19:12:26.0203 0236	gameenum        (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
19:12:26.0437 0236	gameenum - ok
19:12:26.0515 0236	ggflt           (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
19:12:26.0546 0236	ggflt - ok
19:12:26.0609 0236	ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
19:12:26.0625 0236	ggsemc - ok
19:12:26.0687 0236	Gpc             (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:12:27.0031 0236	Gpc - ok
19:12:27.0281 0236	gusvc           (c1b577b2169900f4cf7190c39f085794) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
19:12:27.0625 0236	gusvc - ok
19:12:28.0328 0236	helpsvc         (ba85bcf1a2bcf927c3600574173403e0) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:12:29.0359 0236	helpsvc - ok
19:12:29.0390 0236	HidServ         (b647ca198b9c73056abfb0a9d8f4916d) C:\WINDOWS\System32\hidserv.dll
19:12:29.0859 0236	HidServ - ok
19:12:30.0187 0236	hidusb          (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:12:30.0750 0236	hidusb - ok
19:12:30.0750 0236	hpn - ok
19:12:31.0218 0236	HTTP            (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
19:12:31.0625 0236	HTTP - ok
19:12:31.0671 0236	HTTPFilter      (9ec7e866bbdbf3ecc0e67f4e0a838eb2) C:\WINDOWS\System32\w3ssl.dll
19:12:32.0078 0236	HTTPFilter - ok
19:12:32.0078 0236	i2omgmt - ok
19:12:32.0093 0236	i2omp - ok
19:12:32.0515 0236	i8042prt        (7c575018d0413440d75432a78b88c899) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:12:33.0125 0236	i8042prt - ok
19:12:33.0203 0236	Imapi           (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:12:33.0453 0236	Imapi - ok
19:12:33.0796 0236	ImapiService    (57d7267a9ed91ecaf4336b08c9628fca) C:\WINDOWS\system32\imapi.exe
19:12:34.0156 0236	ImapiService - ok
19:12:34.0171 0236	ini910u - ok
19:12:34.0437 0236	IntelIde        (d63c33f65f6ebc732116403d88883b2d) C:\WINDOWS\system32\DRIVERS\intelide.sys
19:12:34.0734 0236	IntelIde - ok
19:12:34.0859 0236	Ip6Fw           (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
19:12:35.0125 0236	Ip6Fw - ok
19:12:35.0250 0236	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:12:35.0578 0236	IpFilterDriver - ok
19:12:35.0718 0236	IpInIp          (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:12:36.0015 0236	IpInIp - ok
19:12:36.0390 0236	IpNat           (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:12:36.0687 0236	IpNat - ok
19:12:36.0906 0236	IPSec           (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:12:37.0296 0236	IPSec - ok
19:12:37.0421 0236	IRENUM          (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:12:37.0578 0236	IRENUM - ok
19:12:37.0734 0236	isapnp          (ce9b7afdf0a3d7dd8d1487262316b959) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:12:38.0000 0236	isapnp - ok
19:12:39.0453 0236	JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Programme\Java\jre6\bin\jqs.exe
19:12:39.0515 0236	JavaQuickStarterService - ok
19:12:39.0828 0236	Kbdclass        (b128fc0a5cd83f669d5de4b58f77c7d6) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:12:40.0140 0236	Kbdclass - ok
19:12:40.0937 0236	kmixer          (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
19:12:41.0265 0236	kmixer - ok
19:12:41.0734 0236	KSecDD          (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
19:12:41.0968 0236	KSecDD - ok
19:12:42.0296 0236	lanmanserver    (f8170aa51cd202bc062b8a0983f361b7) C:\WINDOWS\System32\srvsvc.dll
19:12:42.0546 0236	lanmanserver - ok
19:12:42.0640 0236	lanmanworkstation (f716a6f5babb6da60c0532510ab52245) C:\WINDOWS\System32\wkssvc.dll
19:12:42.0750 0236	lanmanworkstation - ok
19:12:42.0750 0236	lbrtfdc - ok
19:12:42.0921 0236	LmHosts         (4c25fadd7fe1d5bd779b20d3d0eb8d7c) C:\WINDOWS\System32\lmhsvc.dll
19:12:43.0187 0236	LmHosts - ok
19:12:43.0250 0236	LVPr2Mon        (1a7db7a00a4b0d8da24cd691a4547291) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
19:12:43.0281 0236	LVPr2Mon - ok
19:12:43.0484 0236	LVPrcSrv        (0ddfdcaa92c7f553328db06ba599bea9) C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
19:12:43.0562 0236	LVPrcSrv - ok
19:12:43.0703 0236	LVRS            (87ecce893d8aec5a9337b917742d339c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
19:12:43.0828 0236	LVRS - ok
19:12:43.0875 0236	MBAMSwissArmy   (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
19:12:43.0921 0236	MBAMSwissArmy - ok
19:12:43.0984 0236	Messenger       (e5215ab942c5ac5f7eb0e54871d7a27c) C:\WINDOWS\System32\msgsvc.dll
19:12:44.0312 0236	Messenger - ok
19:12:44.0375 0236	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:12:44.0593 0236	mnmdd - ok
19:12:44.0640 0236	mnmsrvc         (bb2470d20405b272ea47ca5e18f1c58e) C:\WINDOWS\system32\mnmsrvc.exe
19:12:44.0875 0236	mnmsrvc - ok
19:12:45.0406 0236	Modem           (91a3da4b12f6f1d760463a7f7857f748) C:\WINDOWS\system32\drivers\Modem.sys
19:12:45.0656 0236	Modem - ok
19:12:45.0687 0236	Mouclass        (71e15ca47fd947552054afb28536268f) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:12:45.0937 0236	Mouclass - ok
19:12:45.0984 0236	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:12:46.0203 0236	mouhid - ok
19:12:46.0250 0236	MountMgr        (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
19:12:46.0484 0236	MountMgr - ok
19:12:46.0578 0236	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
19:12:46.0640 0236	MozillaMaintenance - ok
19:12:46.0640 0236	mraid35x - ok
19:12:46.0765 0236	MRxDAV          (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:12:47.0031 0236	MRxDAV - ok
19:12:47.0250 0236	MRxSmb          (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:12:47.0531 0236	MRxSmb - ok
19:12:47.0562 0236	MSDTC           (d059f9c7752ef461476e83180daa5c62) C:\WINDOWS\system32\msdtc.exe
19:12:47.0812 0236	MSDTC - ok
19:12:47.0875 0236	Msfs            (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
19:12:48.0125 0236	Msfs - ok
19:12:48.0140 0236	MSIServer - ok
19:12:48.0187 0236	MSKSSRV         (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:12:48.0406 0236	MSKSSRV - ok
19:12:48.0421 0236	MSPCLOCK        (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:12:48.0656 0236	MSPCLOCK - ok
19:12:48.0671 0236	MSPQM           (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
19:12:48.0921 0236	MSPQM - ok
19:12:48.0984 0236	mssmbios        (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:12:49.0265 0236	mssmbios - ok
19:12:49.0312 0236	MSTEE           (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
19:12:49.0515 0236	MSTEE - ok
19:12:49.0562 0236	ms_mpu401       (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
19:12:49.0781 0236	ms_mpu401 - ok
19:12:49.0843 0236	Mup             (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
19:12:50.0078 0236	Mup - ok
19:12:50.0156 0236	NABTSFEC        (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:12:50.0406 0236	NABTSFEC - ok
19:12:50.0515 0236	NDIS            (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
19:12:50.0828 0236	NDIS - ok
19:12:50.0875 0236	NdisIP          (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:12:51.0078 0236	NdisIP - ok
19:12:51.0140 0236	NdisTapi        (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:12:51.0375 0236	NdisTapi - ok
19:12:51.0437 0236	Ndisuio         (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:12:51.0687 0236	Ndisuio - ok
19:12:51.0796 0236	NdisWan         (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:12:52.0265 0236	NdisWan - ok
19:12:52.0343 0236	NDProxy         (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
19:12:52.0593 0236	NDProxy - ok
19:12:52.0656 0236	NetBIOS         (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:12:52.0906 0236	NetBIOS - ok
19:12:53.0015 0236	NetBT           (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:12:53.0328 0236	NetBT - ok
19:12:53.0437 0236	NetDDE          (f4eff57254f565f39b6029150414a0d5) C:\WINDOWS\system32\netdde.exe
19:12:53.0734 0236	NetDDE - ok
19:12:53.0765 0236	NetDDEdsdm      (f4eff57254f565f39b6029150414a0d5) C:\WINDOWS\system32\netdde.exe
19:12:54.0031 0236	NetDDEdsdm - ok
19:12:54.0078 0236	Netlogon        (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
19:12:54.0312 0236	Netlogon - ok
19:12:54.0468 0236	Netman          (cdf4da6b518105343fe9e8afbbf8fbf4) C:\WINDOWS\System32\netman.dll
19:12:54.0781 0236	Netman - ok
19:12:54.0859 0236	NIC1394         (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:12:55.0140 0236	NIC1394 - ok
19:12:55.0281 0236	Nla             (774274c487493452df3b0126dbe7ff3b) C:\WINDOWS\System32\mswsock.dll
19:12:55.0484 0236	Nla - ok
19:12:55.0546 0236	nm              (60cf8c7192b3614f240838ddbaa4a245) C:\WINDOWS\system32\DRIVERS\NMnt.sys
19:12:55.0781 0236	nm - ok
19:12:55.0843 0236	Npfs            (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
19:12:56.0078 0236	Npfs - ok
19:12:56.0421 0236	Ntfs            (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
19:12:56.0953 0236	Ntfs - ok
19:12:56.0968 0236	NtLmSsp         (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
19:12:57.0234 0236	NtLmSsp - ok
19:12:57.0468 0236	NtmsSvc         (428aa946a8d9f32dbb4260c8e6e13377) C:\WINDOWS\system32\ntmssvc.dll
19:12:58.0015 0236	NtmsSvc - ok
19:12:58.0078 0236	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:12:58.0328 0236	Null - ok
19:12:58.0718 0236	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:12:58.0953 0236	NwlnkFlt - ok
19:12:59.0046 0236	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:12:59.0390 0236	NwlnkFwd - ok
19:12:59.0484 0236	ohci1394        (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:12:59.0750 0236	ohci1394 - ok
19:12:59.0828 0236	Parport         (b2f17a2edb5450e61973a037f63a595b) C:\WINDOWS\system32\DRIVERS\parport.sys
19:13:00.0171 0236	Parport - ok
19:13:00.0437 0236	PartMgr         (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
19:13:00.0671 0236	PartMgr - ok
19:13:00.0703 0236	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
19:13:01.0000 0236	ParVdm - ok
19:13:01.0078 0236	PCI             (6fb463e5b243fbd6f3d3c83f914d94fb) C:\WINDOWS\system32\DRIVERS\pci.sys
19:13:01.0343 0236	PCI - ok
19:13:01.0375 0236	PCIDump - ok
19:13:01.0406 0236	PCIIde - ok
19:13:01.0515 0236	Pcmcia          (e2363f4c1daff89abee5f593e13d8a05) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:13:01.0781 0236	Pcmcia - ok
19:13:01.0812 0236	PDCOMP - ok
19:13:01.0859 0236	PDFRAME - ok
19:13:01.0906 0236	PDRELI - ok
19:13:01.0937 0236	PDRFRAME - ok
19:13:02.0031 0236	pepifilter      (b20f958b207e6aaac5f70d04dd2c30d8) C:\WINDOWS\system32\DRIVERS\lv302af.sys
19:13:02.0046 0236	pepifilter - ok
19:13:02.0078 0236	perc2 - ok
19:13:02.0234 0236	perc2hib - ok
19:13:02.0328 0236	pgusbmme        (b2ac1295446d1acff2e499134f0572ce) C:\WINDOWS\system32\drivers\pgusbmm3.sys
19:13:02.0359 0236	pgusbmme - ok
19:13:02.0546 0236	pgusbwdm        (14de008c4c5548c52168d7498ce2858d) C:\WINDOWS\system32\Drivers\pgusbwdm.sys
19:13:02.0859 0236	pgusbwdm - ok
19:13:04.0390 0236	PID_PEPI        (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
19:13:06.0687 0236	PID_PEPI - ok
19:13:07.0890 0236	PlugPlay        (65f6b774819bd727358157cedea67b8e) C:\WINDOWS\system32\services.exe
19:13:08.0046 0236	PlugPlay - ok
19:13:08.0093 0236	PolicyAgent     (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
19:13:08.0359 0236	PolicyAgent - ok
19:13:08.0718 0236	PptpMiniport    (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:13:09.0906 0236	PptpMiniport - ok
19:13:10.0046 0236	ProtectedStorage (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
19:13:10.0328 0236	ProtectedStorage - ok
19:13:10.0390 0236	PSched          (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
19:13:10.0656 0236	PSched - ok
19:13:10.0703 0236	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:13:10.0937 0236	Ptilink - ok
19:13:11.0015 0236	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:13:11.0031 0236	PxHelp20 - ok
19:13:11.0046 0236	ql1080 - ok
19:13:11.0062 0236	Ql10wnt - ok
19:13:11.0062 0236	ql12160 - ok
19:13:11.0078 0236	ql1240 - ok
19:13:11.0093 0236	ql1280 - ok
19:13:11.0218 0236	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:13:11.0515 0236	RasAcd - ok
19:13:11.0609 0236	RasAuto         (e3c6e87c1f84584a773d7c3dd205dbff) C:\WINDOWS\System32\rasauto.dll
19:13:12.0218 0236	RasAuto - ok
19:13:12.0718 0236	Rasl2tp         (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:13:13.0828 0236	Rasl2tp - ok
19:13:14.0609 0236	RasMan          (a5d2d745a2aefa327dca6da317b5fd70) C:\WINDOWS\System32\rasmans.dll
19:13:14.0890 0236	RasMan - ok
19:13:15.0046 0236	RasPppoe        (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:13:15.0421 0236	RasPppoe - ok
19:13:15.0468 0236	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:13:15.0828 0236	Raspti - ok
19:13:16.0500 0236	Rdbss           (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:13:16.0890 0236	Rdbss - ok
19:13:17.0000 0236	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:13:17.0312 0236	RDPCDD - ok
19:13:18.0156 0236	RDPWD           (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
19:13:18.0828 0236	RDPWD - ok
19:13:19.0828 0236	RDSessMgr       (aec159942df64a9890072d7bb1797762) C:\WINDOWS\system32\sessmgr.exe
19:13:20.0234 0236	RDSessMgr - ok
19:13:20.0593 0236	redbook         (aa56702e230860565cb8d43680f57f33) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:13:20.0984 0236	redbook - ok
19:13:21.0453 0236	RemoteAccess    (eba80cdf25e02084857957e820004934) C:\WINDOWS\System32\mprdim.dll
19:13:21.0859 0236	RemoteAccess - ok
19:13:22.0125 0236	RpcLocator      (da23f9f3f1b1871120f980a6879581ac) C:\WINDOWS\system32\locator.exe
19:13:22.0625 0236	RpcLocator - ok
19:13:25.0265 0236	RpcSs           (d45bbcddc74a1b0259a0c4b00c190d20) C:\WINDOWS\system32\rpcss.dll
19:13:25.0671 0236	RpcSs - ok
19:13:25.0765 0236	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
19:13:26.0109 0236	RSVP - ok
19:13:26.0171 0236	rtl8139         (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:13:26.0453 0236	rtl8139 - ok
19:13:26.0531 0236	s1029bus        (69013a123a00b3042c260b0056df0152) C:\WINDOWS\system32\DRIVERS\s1029bus.sys
19:13:26.0578 0236	s1029bus - ok
19:13:26.0640 0236	s1029mdfl       (1565fc31f872963fe8af471123d8424c) C:\WINDOWS\system32\DRIVERS\s1029mdfl.sys
19:13:26.0656 0236	s1029mdfl - ok
19:13:26.0765 0236	s1029mdm        (d67a8042ecf6c983ac0e308b36603677) C:\WINDOWS\system32\DRIVERS\s1029mdm.sys
19:13:26.0843 0236	s1029mdm - ok
19:13:26.0937 0236	s1029mgmt       (9ac56f06c1e13a963c82ebd067fdf274) C:\WINDOWS\system32\DRIVERS\s1029mgmt.sys
19:13:27.0000 0236	s1029mgmt - ok
19:13:27.0046 0236	s1029nd5        (00c66c6baafb2747f15f94f15888c94a) C:\WINDOWS\system32\DRIVERS\s1029nd5.sys
19:13:27.0062 0236	s1029nd5 - ok
19:13:27.0187 0236	s1029obex       (6fc093aba554e45755dc2f3896b6c8d7) C:\WINDOWS\system32\DRIVERS\s1029obex.sys
19:13:27.0234 0236	s1029obex - ok
19:13:27.0296 0236	s1029unic       (9979b0e68815394665b2109b03d15fa1) C:\WINDOWS\system32\DRIVERS\s1029unic.sys
19:13:27.0406 0236	s1029unic - ok
19:13:27.0468 0236	SamSs           (183805eb05bca5a1e4aaaed4d2be3690) C:\WINDOWS\system32\lsass.exe
19:13:27.0687 0236	SamSs - ok
19:13:27.0796 0236	SCardSvr        (b4cf7b42de6cfa6fde7d6af4daa55f57) C:\WINDOWS\System32\SCardSvr.exe
19:13:28.0656 0236	SCardSvr - ok
19:13:30.0000 0236	Schedule        (d5e73842f38e24457c63fef8ceffbe19) C:\WINDOWS\system32\schedsvc.dll
19:13:30.0437 0236	Schedule - ok
19:13:30.0500 0236	Secdrv          (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:13:30.0640 0236	Secdrv - ok
19:13:30.0687 0236	seclogon        (fed544b43903fb801b106f062110358a) C:\WINDOWS\System32\seclogon.dll
19:13:30.0937 0236	seclogon - ok
19:13:30.0968 0236	SENS            (ab74d986c1dd0d0c95b6ad37ec1e9f4f) C:\WINDOWS\system32\sens.dll
19:13:31.0203 0236	SENS - ok
19:13:31.0265 0236	serenum         (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:13:31.0515 0236	serenum - ok
19:13:31.0546 0236	Serial          (cd5b9995afcdb466c9efc048d167e3be) C:\WINDOWS\system32\DRIVERS\serial.sys
19:13:31.0765 0236	Serial - ok
19:13:31.0796 0236	Sfloppy         (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:13:32.0078 0236	Sfloppy - ok
19:13:32.0265 0236	SharedAccess    (9245420422e409a25c1410acb4244060) C:\WINDOWS\System32\ipnathlp.dll
19:13:32.0687 0236	SharedAccess - ok
19:13:32.0796 0236	ShellHWDetection (bac5f7f0c2b8c1b9832594851e0f9914) C:\WINDOWS\System32\shsvcs.dll
19:13:33.0218 0236	ShellHWDetection - ok
19:13:33.0218 0236	Simbad - ok
19:13:33.0265 0236	SLIP            (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:13:33.0484 0236	SLIP - ok
19:13:33.0781 0236	Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Programme\Sony\Sony PC Companion\PCCService.exe
19:13:33.0843 0236	Sony PC Companion - ok
19:13:33.0859 0236	Sparrow - ok
19:13:33.0906 0236	splitter        (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
19:13:34.0125 0236	splitter - ok
19:13:34.0234 0236	Spooler         (54e7113a4bd696e430919bcaf5c65e06) C:\WINDOWS\system32\spoolsv.exe
19:13:34.0468 0236	Spooler - ok
19:13:34.0640 0236	sr              (e4200cb2f418d8fc4acdd7e38c419d6a) C:\WINDOWS\system32\DRIVERS\sr.sys
19:13:34.0937 0236	sr - ok
19:13:35.0062 0236	srservice       (015f302c4cf961f20c3f98f3a7ca7917) C:\WINDOWS\system32\srsvc.dll
19:13:35.0296 0236	srservice - ok
19:13:35.0468 0236	Srv             (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
19:13:35.0703 0236	Srv - ok
19:13:35.0796 0236	SSDPSRV         (6fa03b462b2fffe2627171b7fe73ee29) C:\WINDOWS\System32\ssdpsrv.dll
19:13:35.0953 0236	SSDPSRV - ok
19:13:36.0093 0236	stisvc          (7e751068ada60fc77638622e86a7cd9e) C:\WINDOWS\system32\wiaservc.dll
19:13:36.0546 0236	stisvc - ok
19:13:36.0593 0236	streamip        (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:13:36.0812 0236	streamip - ok
19:13:36.0859 0236	swenum          (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:13:37.0140 0236	swenum - ok
19:13:37.0281 0236	swmidi          (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
19:13:37.0515 0236	swmidi - ok
19:13:37.0531 0236	SwPrv - ok
19:13:37.0531 0236	symc810 - ok
19:13:37.0546 0236	symc8xx - ok
19:13:37.0562 0236	sym_hi - ok
19:13:37.0578 0236	sym_u3 - ok
19:13:37.0640 0236	sysaudio        (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
19:13:38.0031 0236	sysaudio - ok
19:13:38.0125 0236	SysmonLog       (6d0c43df9d3a7c5a9b4f94772cbd5ddc) C:\WINDOWS\system32\smlogsvc.exe
19:13:38.0375 0236	SysmonLog - ok
19:13:38.0500 0236	TapiSrv         (4584e2a5fe662ab3e7c32936e1449043) C:\WINDOWS\System32\tapisrv.dll
19:13:38.0796 0236	TapiSrv - ok
19:13:38.0984 0236	Tcpip           (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:13:39.0328 0236	Tcpip - ok
19:13:39.0375 0236	TDPIPE          (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:13:39.0609 0236	TDPIPE - ok
19:13:39.0656 0236	TDTCP           (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
19:13:39.0875 0236	TDTCP - ok
19:13:39.0937 0236	TermDD          (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:13:40.0218 0236	TermDD - ok
19:13:40.0375 0236	TermService     (1850bc10de5dcccede063fc2d0f2ceda) C:\WINDOWS\System32\termsrv.dll
19:13:40.0718 0236	TermService - ok
19:13:40.0812 0236	Themes          (bac5f7f0c2b8c1b9832594851e0f9914) C:\WINDOWS\System32\shsvcs.dll
19:13:41.0015 0236	Themes - ok
19:13:41.0031 0236	TosIde - ok
19:13:41.0109 0236	TrkWks          (a34e894201d66e380e1fa96fe11b587e) C:\WINDOWS\system32\trkwks.dll
19:13:41.0390 0236	TrkWks - ok
19:13:41.0453 0236	Udfs            (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
19:13:41.0687 0236	Udfs - ok
19:13:41.0703 0236	ultra - ok
19:13:41.0843 0236	Update          (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
19:13:42.0125 0236	Update - ok
19:13:42.0281 0236	upnphost        (09d4a2d7c5a8abec227d118765faaddf) C:\WINDOWS\System32\upnphost.dll
19:13:42.0546 0236	upnphost - ok
19:13:42.0578 0236	UPS             (a99f867e76cfdaa28ee305b93f70e84f) C:\WINDOWS\System32\ups.exe
19:13:42.0812 0236	UPS - ok
19:13:42.0875 0236	usbaudio        (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
19:13:43.0109 0236	usbaudio - ok
19:13:43.0187 0236	usbccgp         (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:13:43.0421 0236	usbccgp - ok
19:13:43.0484 0236	usbehci         (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:13:43.0718 0236	usbehci - ok
19:13:43.0765 0236	usbhub          (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:13:44.0015 0236	usbhub - ok
19:13:44.0062 0236	usbohci         (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:13:44.0312 0236	usbohci - ok
19:13:44.0375 0236	USBSTOR         (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:13:44.0609 0236	USBSTOR - ok
19:13:44.0640 0236	usbuhci         (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:13:44.0875 0236	usbuhci - ok
19:13:44.0937 0236	VgaSave         (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
19:13:45.0203 0236	VgaSave - ok
19:13:45.0203 0236	ViaIde - ok
19:13:45.0312 0236	VolSnap         (d6888520ff56d72a50437e371ca25fc9) C:\WINDOWS\system32\drivers\VolSnap.sys
19:13:45.0546 0236	VolSnap - ok
19:13:45.0703 0236	VSS             (6635ecbf0d8090dc3a452d0d072b5d5b) C:\WINDOWS\System32\vssvc.exe
19:13:45.0937 0236	VSS - ok
19:13:46.0062 0236	W32Time         (c6d874cd2a5b83cd11cdebd28a638584) C:\WINDOWS\system32\w32time.dll
19:13:46.0406 0236	W32Time - ok
19:13:46.0468 0236	Wanarp          (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:13:46.0703 0236	Wanarp - ok
19:13:46.0937 0236	Wdf01000        (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
19:13:47.0328 0236	Wdf01000 - ok
19:13:47.0328 0236	WDICA - ok
19:13:47.0406 0236	wdmaud          (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
19:13:47.0640 0236	wdmaud - ok
19:13:47.0734 0236	WebClient       (1eb51feea9d3208eae60604f4346c02e) C:\WINDOWS\System32\webclnt.dll
19:13:47.0953 0236	WebClient - ok
19:13:48.0109 0236	winmgmt         (da2dadb42916e59c6e4bba593bccda73) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:13:48.0453 0236	winmgmt - ok
19:13:48.0515 0236	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:13:48.0578 0236	WmdmPmSN - ok
19:13:48.0671 0236	WmiApSrv        (042a78fcd1adfb0fba9865d55c6f5cc1) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:13:48.0921 0236	WmiApSrv - ok
19:13:48.0968 0236	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
19:13:49.0015 0236	WpdUsb - ok
19:13:49.0093 0236	wscsvc          (bd3561aae748150cf51c2ca876449ea7) C:\WINDOWS\system32\wscsvc.dll
19:13:49.0375 0236	wscsvc - ok
19:13:49.0437 0236	WSTCODEC        (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:13:49.0656 0236	WSTCODEC - ok
19:13:49.0718 0236	wuauserv        (1eddd5c0ecf3fa6edfd8a25b2b4e7df6) C:\WINDOWS\system32\wuauserv.dll
19:13:49.0937 0236	wuauserv - ok
19:13:50.0000 0236	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:13:50.0093 0236	WudfPf - ok
19:13:50.0140 0236	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:13:50.0281 0236	WudfRd - ok
19:13:50.0343 0236	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:13:50.0390 0236	WudfSvc - ok
19:13:50.0593 0236	WZCSVC          (ae83ada96575dacf533c2bcb1fc163dc) C:\WINDOWS\System32\wzcsvc.dll
19:13:51.0093 0236	WZCSVC - ok
19:13:51.0156 0236	xmlprov         (8302de1c64618d72346dd0034dbc5d9b) C:\WINDOWS\System32\xmlprov.dll
19:13:51.0937 0236	xmlprov - ok
19:13:52.0015 0236	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
19:13:52.0468 0236	\Device\Harddisk0\DR0 - ok
19:13:52.0468 0236	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
19:13:52.0562 0236	\Device\Harddisk1\DR1 - ok
19:13:52.0562 0236	Boot (0x1200)   (a9195009246e6410ff96c613a32119e7) \Device\Harddisk0\DR0\Partition0
19:13:52.0562 0236	\Device\Harddisk0\DR0\Partition0 - ok
19:13:52.0578 0236	Boot (0x1200)   (1d33da686c50fbeddca4b5b05e85c498) \Device\Harddisk1\DR1\Partition0
19:13:52.0578 0236	\Device\Harddisk1\DR1\Partition0 - ok
19:13:52.0578 0236	============================================================
19:13:52.0578 0236	Scan finished
19:13:52.0578 0236	============================================================
19:13:52.0734 0472	Detected object count: 3
19:13:52.0734 0472	Actual detected object count: 3

cosinus · 08.05.2012, 18:22

Ist unvollständig, die untere Zusammenfassung fehlt

frusciante · 08.05.2012, 19:11

19:15:00.0703 0472 BEHRINGER_2902 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:00.0703 0472 BEHRINGER_2902 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:00.0703 0472 cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:00.0703 0472 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:00.0718 0472 cmpci ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:00.0718 0472 cmpci ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:03.0000 0420 Deinitialize success

07.05.2012, 18:39	#27
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	PC arbeitet nicht mehr ordnungsgemäß-Fehlermeldungen server.exe, metinmetinmetin.exe bei PC Start Du musst den TDSS-Killer nochmal scannen lassen, wenn die Ergebnisse angezeigt werden alles skippen, nur das TDSS Files System löschen __________________ Logfiles bitte immer in CODE-Tags posten

08.05.2012, 18:22	#29
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	PC arbeitet nicht mehr ordnungsgemäß-Fehlermeldungen server.exe, metinmetinmetin.exe bei PC Start Ist unvollständig, die untere Zusammenfassung fehlt __________________ Logfiles bitte immer in CODE-Tags posten

PC arbeitet nicht mehr ordnungsgemäß-Fehlermeldungen server.exe, metinmetinmetin.exe bei PC Start

Plagegeister aller Art und deren Bekämpfung: PC arbeitet nicht mehr ordnungsgemäß-Fehlermeldungen server.exe, metinmetinmetin.exe bei PC Start