Log analysis and evaluation: Trojan on board? "http://www.searchnu.com/410", how do I get rid of it? (Windows 7)
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: first steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.05.2012, 21:59 | #1 |
Trojan on board? "http://www.searchnu.com/410", how do I get rid of it?

Hello, can someone help me with the well-known searchnu.com/410 problem? Many thanks in advance. My log files, see below:

OTL Logfile:
Code:
ATTFilter OTL Extras logfile created on: 16.05.2012 22:38:04 - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Dokumente und Einstellungen\user\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,49 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 63,83% Memory free 2,83 Gb Paging File | 2,48 Gb Available in Paging File | 87,62% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 37,26 Gb Total Space | 2,92 Gb Free Space | 7,85% Space Free | Partition Type: NTFS Drive D: | 6,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: USER-6AB9C91FD8 | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. 
File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [CEWE FOTOSCHAU] -- "C:\Programme\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" () Directory [dm-Fotowelt] -- "C:\Programme\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] ========== Authorized Applications List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Programme\SopCast\SopCast.exe" = C:\Programme\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com) "C:\Programme\SopCast\adv\SopAdver.exe" = C:\Programme\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com) "C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\7321891519.exe" = C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\7321891519.exe:*:Enabled:7321891519 -- () "C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\134106172159.exe" = C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\134106172159.exe:*:Enabled:134106172159 -- () "C:\Programme\Logitech\Vid HD\Vid.exe" = C:\Programme\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.) "C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.) 
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension "_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5 "{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{0E0479F8-180F-4054-B4F7-17EE657F90BF}" = TIPCI "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data "{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA "{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3676ED45-56F0-46F8-A069-99B64F689E3B}" = Dealio Toolbar v5.6 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{43D2A1DD-69C9-4E86-8F51-4890A6263863}" = Kidizoom® PC Anwendungen "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect "{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA "{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics 
Suite X5 - Redist "{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller "{7EC19307-7C22-47A8-922B-3FA965291260}" = OpenOffice.org 3.0 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile "{8C4F56A2-03D5-441B-B911-EC2604622D58}" = FormsForWeb® Filler "{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8 "{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch "{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software "{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5 "{B3B2E45F-A0FC-47C6-B399-72D9D8482C8A}" = Visual Basic for Applications (R) 
Core - German "{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU "{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English "{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin "{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE "{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM "{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Multi-Card Reader & Flash Disk "{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1" = VshareComplete "{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software "ATI Display Driver" = ATI Display Driver "CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem "dm-Fotowelt" = dm-Fotowelt "ElsterFormular 
13.0.0.8086p" = ElsterFormular "EPSON Printer and Utilities" = EPSON-Drucker-Software "Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.1228 "ie8" = Windows Internet Explorer 8 "InstallShield_{0E0479F8-180F-4054-B4F7-17EE657F90BF}" = Texas Instruments PCIxx21/x515/xx12 drivers. "Logitech Vid" = Logitech Vid HD "lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket "Mein eigener Bauernhof_is1" = Mein eigener Bauernhof "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microtek ScanWizard V2.41" = Microtek ScanWizard V2.40 "Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "SopCast" = SopCast 3.4.0 "uTorrent" = µTorrent "Veetle TV" = Veetle TV 0.9.18 "VLC media player" = VLC media player 0.9.8a "vShare.tv plugin" = vShare.tv plugin 1.3 "wbtooltb" = Webblog "Windows Searchqu Toolbar" = Windows Searchqu Toolbar "Wise Registry Cleaner_is1" = Wise Registry Cleaner 6.14 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "xp-AntiSpy" = xp-AntiSpy 3.97-9 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "Zattoo4" = Zattoo4 4.0.5 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 15.05.2012 
09:42:00 | Computer Name = USER-6AB9C91FD8 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 15.05.2012 09:42:00 | Computer Name = USER-6AB9C91FD8 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5228468 Error - 15.05.2012 09:42:00 | Computer Name = USER-6AB9C91FD8 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5228468 Error - 16.05.2012 13:32:24 | Computer Name = USER-6AB9C91FD8 | Source = PerfNet | ID = 2004 Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error - 16.05.2012 15:21:09 | Computer Name = USER-6AB9C91FD8 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 16.05.2012 15:21:09 | Computer Name = USER-6AB9C91FD8 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 2078 Error - 16.05.2012 15:21:09 | Computer Name = USER-6AB9C91FD8 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 2078 Error - 16.05.2012 15:21:11 | Computer Name = USER-6AB9C91FD8 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 16.05.2012 15:21:11 | Computer Name = USER-6AB9C91FD8 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 4328 Error - 16.05.2012 15:21:11 | Computer Name = USER-6AB9C91FD8 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 4328 [ System Events ] Error - 13.05.2012 04:03:56 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7011 Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung 
von Dienst Netman. Error - 13.05.2012 12:22:20 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SMPLSCSI Error - 14.05.2012 08:15:45 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SMPLSCSI Error - 14.05.2012 12:41:29 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SMPLSCSI Error - 14.05.2012 13:02:05 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SMPLSCSI Error - 15.05.2012 08:11:38 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SMPLSCSI Error - 16.05.2012 07:51:13 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SMPLSCSI Error - 16.05.2012 13:33:19 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SMPLSCSI Error - 16.05.2012 16:14:07 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SMPLSCSI Error - 16.05.2012 16:30:52 | Computer Name = USER-6AB9C91FD8 | Source = Service Control Manager | ID = 7034 Description = Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. < End of report >

and the second one:

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 16.05.2012 22:38:04 - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Dokumente und Einstellungen\user\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,49 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 63,83% Memory free 2,83 Gb Paging File | 2,48 Gb Available in Paging File | 87,62% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 37,26 Gb Total Space | 2,92 Gb Free Space | 7,85% Space Free | Partition Type: NTFS Drive D: | 6,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: USER-6AB9C91FD8 | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\user\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) PRC - C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Programme\uTorrent\uTorrent.exe (BitTorrent, Inc.) PRC - c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe (Protexis Inc.) 
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe () PRC - C:\Programme\xp-AntiSpy\xp-AntiSpy.exe (Tiger-IT.de) PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe () PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) PRC - C:\WINDOWS\Dit.exe () ========== Modules (No Company Name) ========== MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Programme\CDBurnerXP\NMSAccessU.exe () MOD - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU () MOD - C:\WINDOWS\Dit.exe () ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) SRV - (PSI_SVC_2) -- c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (NMSAccess) -- C:\Programme\CDBurnerXP\NMSAccessU.exe () SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) 
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (UIUSys) -- system32\drivers\UIUSys.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys () DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.) DRV - (LVUVC) Logitech Webcam 120(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys () DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation) DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation) DRV - (GTIPCI21) -- C:\WINDOWS\system32\drivers\gtipci21.sys (Texas Instruments) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.) DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (STAC97) -- C:\WINDOWS\system32\drivers\STAC97.sys (SigmaTel, Inc.) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) 
DRV - (EPUSBSTOR) -- C:\WINDOWS\system32\drivers\epusbsto.sys (SEIKO EPSON CORPORATION) DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC) DRV - (fpcmbase) -- C:\WINDOWS\system32\drivers\fpcmbase.sys (AVM GmbH) DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH) DRV - (SMPLSCSI) -- C:\WINDOWS\system32\drivers\SMPLSCSI.SYS (OnSpec Electronic, Inc.) DRV - (ONSIO) -- C:\WINDOWS\system32\drivers\ONSIO.SYS () DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startsear.ch/?aff=1&cf=32fdfa0e-12db-11e1-9295-0014a482d7dc IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=32fdfa0e-12db-11e1-9295-0014a482d7dc&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startsear.ch/?aff=1&cf=32fdfa0e-12db-11e1-9295-0014a482d7dc IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\InprocServer32 File not found IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{135134C2-5D8F-41FD-A31E-72360294B503}: "URL" = 
hxxp://websearch.ask.com/redirect?client=ie&tb=UTR&o=15467&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=HA&apn_dtid=YYYYYYU7DE&apn_uid=245A704E-D90D-45D9-8F2D-DD1A4F23828A&apn_sauid=3CB6608B-F96A-4C36-9346-C684D733C8F6 IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=32fdfa0e-12db-11e1-9295-0014a482d7dc&q={searchTerms} IE - HKCU\..\SearchScopes\{23404163-8682-4A81-9EE7-302B96FF391B}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=867034&p={searchTerms} IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://www.mystart.com/search_w.php?type=wbbtool1_0msch&fr=chr-vmn&q={searchTerms}&ei=UTF-8 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/410" FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q=" FF - prefs.js..network.proxy.http: "46.19.136.221" FF - prefs.js..network.proxy.http_port: 8080 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Programme\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Programme\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.04.26 21:25:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.12 21:30:00 | 000,000,000 | ---D | M] [2010.08.28 11:14:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Extensions [2012.05.16 22:32:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\eoebqokh.default\extensions [2011.11.19 20:21:14 | 000,000,000 | ---D | M] (VshareComplete - Speed up your search with your personal search suggestions tool) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\eoebqokh.default\extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403} [2012.05.13 19:28:12 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\eoebqokh.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2011.01.08 21:56:51 | 000,000,000 | ---D | M] (Webblog) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\eoebqokh.default\extensions\{C3947F4E-8894-4C04-98E0-DF182C706DDF} [2010.12.25 22:17:12 | 000,000,000 | ---D | M] (Cooliris) -- C:\Dokumente und 
Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\eoebqokh.default\extensions\piclens@cooliris(2).com [2012.03.27 13:31:25 | 000,000,000 | ---D | M] (vShare) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\eoebqokh.default\extensions\vshare@toolbar [2012.05.13 19:28:01 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\eoebqokh.default\searchplugins\Search_Results.xml [2011.07.11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\eoebqokh.default\searchplugins\startsear.xml [2011.03.15 22:06:56 | 000,001,583 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\eoebqokh.default\searchplugins\web-search.xml [2012.04.26 21:25:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.05.12 22:27:11 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAMME\GEMEINSAME DATEIEN\SPIGOT\WTXPCOM [2012.04.26 21:25:09 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012.04.10 22:50:58 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2011.10.03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Programme\mozilla firefox\plugins\npvsharetvplg.dll [2012.02.13 22:13:07 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.13 22:13:07 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.02.13 22:13:07 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.02.13 22:13:07 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.05.13 19:28:01 | 000,002,515 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml [2010.06.09 21:52:18 | 000,002,224 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\webblog.xml [2012.02.13 22:13:07 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.13 22:13:07 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\5.6\dealioToolbarIE.dll File not found O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.) 
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Programme\wbtooltb\wbtoolDx.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\5.6\dealioToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Programme\wbtooltb\wbtoolDx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Network Error Advisor] C:\Programme\wbtooltb\ExeRunner.exe (Visicom Media Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Programme\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\user\Startmenü\Programme\Autostart\xp-AntiSpy.lnk = C:\Programme\xp-AntiSpy\xp-AntiSpy.exe (Tiger-IT.de)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: adobe.com ([get] http in Vertrauenswürdige Sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1302775788796 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B43811D8-EEA5-4095-818A-795925C0A2A7}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\WINDOW~4\Datamngr\datamngr.dll) - C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WINDOW~4\Datamngr\IEBHO.dll) - C:\Programme\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.15 20:36:41 | 000,000,000 | ---D | M] - C:\Auto -- [ NTFS ]
O32 - AutoRun File - [2009.01.19 15:17:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.08.25 14:03:52 | 000,000,025 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.05.14 14:14:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2012.05.13 19:41:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Eigene Dateien\DVDVideoSoft
[2012.05.13 19:40:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DVDVideoSoft
[2012.05.13 19:40:03 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DVDVideoSoft
[2012.05.13 19:40:03 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2012.05.13 19:40:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\DVDVideoSoft
[2012.05.13 19:28:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\searchqutoolbar
[2012.05.13 19:28:01 | 000,000,000 | ---D | C] -- C:\Programme\Windows Searchqu Toolbar
[2012.05.13 19:27:53 | 000,000,000 | ---D | C] -- C:\Programme\Free mp3 Wma Converter
[2012.05.12 22:27:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Search Settings
[2012.05.12 22:27:05 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Spigot
[2012.05.12 22:27:05 | 000,000,000 | ---D | C] -- C:\Programme\Dealio Toolbar
[2012.05.12 22:27:05 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2012.05.05 21:36:33 | 004,140,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.04.26 21:25:13 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2012.04.26 21:25:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.04.25 17:28:12 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.05.16 22:41:00 | 000,000,224 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.05.16 22:35:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.05.16 22:13:07 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.05.16 22:12:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.16 21:51:43 | 000,023,552 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2012.05.13 19:40:11 | 000,000,906 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Desktop\DVDVideoSoft Free Studio.lnk
[2012.05.13 19:40:10 | 000,001,030 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Desktop\Free Audio CD to MP3 Converter.lnk
[2012.05.13 19:28:01 | 000,001,112 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Get The Best Facebook Chat Messenger.lnk
[2012.05.13 18:27:27 | 000,027,136 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.07 20:46:03 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Desktop\Microsoft Office Word 2003.lnk
[2012.05.05 21:36:39 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.05.05 21:36:38 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.05.05 21:36:33 | 004,140,192 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.05.13 19:40:11 | 000,000,906 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Desktop\DVDVideoSoft Free Studio.lnk
[2012.05.13 19:40:10 | 000,001,030 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Desktop\Free Audio CD to MP3 Converter.lnk
[2012.05.13 19:28:01 | 000,001,112 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Get The Best Facebook Chat Messenger.lnk
[2012.04.25 17:28:14 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.02.20 20:51:33 | 000,023,552 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2011.11.10 22:16:28 | 000,322,496 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.10.21 14:57:55 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\{D30EE2F1-04FD-404E-A556-61D6C7F2463A}
[2011.06.08 22:42:43 | 000,167,936 | ---- | C] () -- C:\WINDOWS\Dit.DLL
[2011.06.08 22:42:43 | 000,065,536 | ---- | C] () -- C:\WINDOWS\DitExp.exe
[2011.06.08 22:42:43 | 000,061,440 | ---- | C] () -- C:\WINDOWS\Dit.exe
[2011.06.08 22:42:43 | 000,000,212 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2011.05.16 21:40:41 | 000,027,136 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.17 21:57:11 | 000,053,268 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.10.12 20:14:25 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.09.03 20:16:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.08.28 11:14:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

< End of report >

So, I have now also run TDSSKiller.exe and found nothing suspicious. Here is the report:

23:08:12.0562 1136 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
23:08:12.0921 1136 ============================================================
23:08:12.0921 1136 Current date / time: 2012/05/16 23:08:12.0921
23:08:12.0921 1136 SystemInfo:
23:08:12.0921 1136
23:08:12.0921 1136 OS Version: 5.1.2600 ServicePack: 3.0
23:08:12.0921 1136 Product type: Workstation
23:08:12.0921 1136 ComputerName: USER-6AB9C91FD8
23:08:12.0921 1136 UserName: user
23:08:12.0921 1136 Windows directory: C:\WINDOWS
23:08:12.0921 1136 System windows directory: C:\WINDOWS
23:08:12.0921 1136 Processor architecture: Intel x86
23:08:12.0921 1136 Number of processors: 1
23:08:12.0921 1136 Page size: 0x1000
23:08:12.0921 1136 Boot type: Normal boot
23:08:12.0921 1136 ============================================================
23:08:16.0421 1136 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:08:16.0421 1136 ============================================================
23:08:16.0421 1136 \Device\Harddisk0\DR0:
23:08:16.0421 1136 MBR partitions:
23:08:16.0421 1136 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
23:08:16.0421 1136 ============================================================
23:08:16.0953 1136 C: <-> \Device\Harddisk0\DR0\Partition0
23:08:41.0421 2980 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 23:08:41.0421 2980 PartMgr - ok 23:08:41.0453 2980 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 23:08:41.0453 2980 ParVdm - ok 23:08:41.0531 2980 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 23:08:41.0546 2980 PCI - ok 23:08:41.0546 2980 PCIDump - ok 23:08:41.0578 2980 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys 23:08:41.0578 2980 PCIIde - ok 23:08:41.0609 2980 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 23:08:41.0609 2980 Pcmcia - ok 23:08:41.0625 2980 PDCOMP - ok 23:08:41.0625 2980 PDFRAME - ok 23:08:41.0640 2980 PDRELI - ok 23:08:41.0656 2980 PDRFRAME - ok 23:08:41.0671 2980 perc2 - ok 23:08:41.0671 2980 perc2hib - ok 23:08:41.0765 2980 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe 23:08:41.0781 2980 PlugPlay - ok 23:08:41.0796 2980 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 23:08:41.0796 2980 PolicyAgent - ok 23:08:41.0812 2980 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 23:08:41.0812 2980 PptpMiniport - ok 23:08:41.0828 2980 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 23:08:41.0828 2980 ProtectedStorage - ok 23:08:41.0843 2980 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 23:08:41.0843 2980 PSched - ok 23:08:41.0921 2980 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe 23:08:41.0937 2980 PSI_SVC_2 - ok 23:08:41.0953 2980 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 23:08:41.0953 2980 Ptilink - ok 23:08:41.0953 2980 ql1080 - ok 23:08:41.0968 2980 Ql10wnt - ok 23:08:41.0984 2980 ql12160 - ok 23:08:41.0984 2980 ql1240 - ok 23:08:42.0000 2980 
ql1280 - ok 23:08:42.0031 2980 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 23:08:42.0031 2980 RasAcd - ok 23:08:42.0078 2980 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll 23:08:42.0078 2980 RasAuto - ok 23:08:42.0109 2980 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys 23:08:42.0109 2980 Rasirda - ok 23:08:42.0140 2980 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 23:08:42.0140 2980 Rasl2tp - ok 23:08:42.0187 2980 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll 23:08:42.0187 2980 RasMan - ok 23:08:42.0218 2980 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 23:08:42.0218 2980 RasPppoe - ok 23:08:42.0234 2980 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 23:08:42.0234 2980 Raspti - ok 23:08:42.0265 2980 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 23:08:42.0281 2980 Rdbss - ok 23:08:42.0312 2980 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 23:08:42.0328 2980 RDPCDD - ok 23:08:42.0390 2980 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 23:08:42.0390 2980 rdpdr - ok 23:08:42.0484 2980 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 23:08:42.0500 2980 RDPWD - ok 23:08:42.0546 2980 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe 23:08:42.0546 2980 RDSessMgr - ok 23:08:42.0562 2980 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 23:08:42.0562 2980 redbook - ok 23:08:42.0625 2980 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll 23:08:42.0625 2980 RemoteAccess - ok 23:08:42.0671 2980 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll 23:08:42.0687 2980 RemoteRegistry - ok 23:08:42.0750 
2980 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys 23:08:42.0750 2980 RFCOMM - ok 23:08:42.0765 2980 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe 23:08:42.0765 2980 RpcLocator - ok 23:08:42.0828 2980 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll 23:08:42.0843 2980 RpcSs - ok 23:08:42.0875 2980 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe 23:08:42.0890 2980 RSVP - ok 23:08:42.0921 2980 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 23:08:42.0921 2980 SamSs - ok 23:08:42.0953 2980 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe 23:08:42.0953 2980 SCardSvr - ok 23:08:43.0031 2980 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll 23:08:43.0046 2980 Schedule - ok 23:08:43.0078 2980 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 23:08:43.0078 2980 Secdrv - ok 23:08:43.0125 2980 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll 23:08:43.0125 2980 seclogon - ok 23:08:43.0156 2980 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll 23:08:43.0156 2980 SENS - ok 23:08:43.0171 2980 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 23:08:43.0171 2980 serenum - ok 23:08:43.0203 2980 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 23:08:43.0203 2980 Serial - ok 23:08:43.0250 2980 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 23:08:43.0265 2980 Sfloppy - ok 23:08:43.0343 2980 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll 23:08:43.0343 2980 SharedAccess - ok 23:08:43.0406 2980 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 23:08:43.0421 2980 ShellHWDetection - ok 23:08:43.0421 2980 Simbad - ok 23:08:43.0484 2980 SLIP 
(866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 23:08:43.0484 2980 SLIP - ok 23:08:43.0562 2980 SMCIRDA (d03a4cdb1b089e3f6c23501339506e5e) C:\WINDOWS\system32\DRIVERS\smcirda.sys 23:08:43.0562 2980 SMCIRDA - ok 23:08:43.0609 2980 SMPLSCSI (2a3786ef1054da748a9f682a5674bf4f) C:\WINDOWS\system32\drivers\SMPLSCSI.SYS 23:08:43.0609 2980 SMPLSCSI - ok 23:08:43.0625 2980 Sparrow - ok 23:08:43.0671 2980 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 23:08:43.0671 2980 splitter - ok 23:08:43.0734 2980 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 23:08:43.0734 2980 Spooler - ok 23:08:43.0765 2980 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 23:08:43.0765 2980 sr - ok 23:08:43.0796 2980 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll 23:08:43.0812 2980 srservice - ok 23:08:43.0890 2980 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 23:08:43.0906 2980 Srv - ok 23:08:43.0968 2980 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll 23:08:43.0984 2980 SSDPSRV - ok 23:08:44.0031 2980 STAC97 (305cc42945a713347f978d78566113f3) C:\WINDOWS\system32\drivers\STAC97.sys 23:08:44.0031 2980 STAC97 - ok 23:08:44.0078 2980 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys 23:08:44.0078 2980 StarOpen - ok 23:08:44.0140 2980 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll 23:08:44.0156 2980 stisvc - ok 23:08:44.0171 2980 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 23:08:44.0171 2980 streamip - ok 23:08:44.0203 2980 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 23:08:44.0203 2980 swenum - ok 23:08:44.0234 2980 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 23:08:44.0234 2980 swmidi - ok 23:08:44.0250 2980 SwPrv - ok 23:08:44.0265 
2980 symc810 - ok 23:08:44.0281 2980 symc8xx - ok 23:08:44.0296 2980 sym_hi - ok 23:08:44.0296 2980 sym_u3 - ok 23:08:44.0328 2980 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 23:08:44.0328 2980 sysaudio - ok 23:08:44.0390 2980 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe 23:08:44.0406 2980 SysmonLog - ok 23:08:44.0453 2980 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll 23:08:44.0468 2980 TapiSrv - ok 23:08:44.0562 2980 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 23:08:44.0562 2980 Tcpip - ok 23:08:44.0609 2980 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 23:08:44.0609 2980 TDPIPE - ok 23:08:44.0640 2980 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 23:08:44.0640 2980 TDTCP - ok 23:08:44.0687 2980 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 23:08:44.0687 2980 TermDD - ok 23:08:44.0734 2980 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll 23:08:44.0750 2980 TermService - ok 23:08:44.0812 2980 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 23:08:44.0828 2980 Themes - ok 23:08:44.0843 2980 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe 23:08:44.0843 2980 TlntSvr - ok 23:08:44.0859 2980 TosIde - ok 23:08:44.0890 2980 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll 23:08:44.0890 2980 TrkWks - ok 23:08:44.0921 2980 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 23:08:44.0921 2980 Udfs - ok 23:08:44.0937 2980 UIUSys - ok 23:08:44.0953 2980 ultra - ok 23:08:45.0046 2980 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 23:08:45.0046 2980 Update - ok 23:08:45.0109 2980 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll 23:08:45.0125 2980 
upnphost - ok 23:08:45.0140 2980 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe 23:08:45.0140 2980 UPS - ok 23:08:45.0187 2980 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 23:08:45.0187 2980 usbccgp - ok 23:08:45.0250 2980 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 23:08:45.0250 2980 usbehci - ok 23:08:45.0265 2980 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 23:08:45.0281 2980 usbhub - ok 23:08:45.0312 2980 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 23:08:45.0312 2980 usbprint - ok 23:08:45.0359 2980 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 23:08:45.0359 2980 usbscan - ok 23:08:45.0406 2980 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 23:08:45.0406 2980 USBSTOR - ok 23:08:45.0453 2980 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 23:08:45.0453 2980 usbuhci - ok 23:08:45.0515 2980 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 23:08:45.0531 2980 usbvideo - ok 23:08:45.0578 2980 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 23:08:45.0578 2980 VgaSave - ok 23:08:45.0593 2980 ViaIde - ok 23:08:45.0609 2980 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 23:08:45.0609 2980 VolSnap - ok 23:08:45.0671 2980 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe 23:08:45.0687 2980 VSS - ok 23:08:45.0921 2980 w29n51 (effab2168b92025bf9a028461e029687) C:\WINDOWS\system32\DRIVERS\w29n51.sys 23:08:45.0984 2980 w29n51 - ok 23:08:46.0046 2980 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll 23:08:46.0046 2980 W32Time - ok 23:08:46.0078 2980 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 23:08:46.0078 2980 Wanarp - 
ok 23:08:46.0093 2980 WDICA - ok 23:08:46.0125 2980 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 23:08:46.0125 2980 wdmaud - ok 23:08:46.0171 2980 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll 23:08:46.0171 2980 WebClient - ok 23:08:46.0281 2980 winachsf (0c5b9cf1bdf998750d9c5eeb5f8c55ac) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 23:08:46.0312 2980 winachsf - ok 23:08:46.0437 2980 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll 23:08:46.0453 2980 winmgmt - ok 23:08:46.0515 2980 WmdmPmSN (6e18978b749f0696a774de3f2cb142dd) C:\WINDOWS\system32\mspmsnsv.dll 23:08:46.0531 2980 WmdmPmSN - ok 23:08:46.0625 2980 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll 23:08:46.0640 2980 Wmi - ok 23:08:46.0687 2980 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe 23:08:46.0687 2980 WmiApSrv - ok 23:08:47.0062 2980 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 23:08:47.0093 2980 WPFFontCache_v0400 - ok 23:08:47.0156 2980 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll 23:08:47.0156 2980 wscsvc - ok 23:08:47.0203 2980 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 23:08:47.0203 2980 WSTCODEC - ok 23:08:47.0265 2980 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll 23:08:47.0265 2980 wuauserv - ok 23:08:47.0328 2980 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll 23:08:47.0343 2980 WZCSVC - ok 23:08:47.0390 2980 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll 23:08:47.0406 2980 xmlprov - ok 23:08:47.0453 2980 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0 23:08:48.0093 2980 \Device\Harddisk0\DR0 - ok 23:08:48.0093 2980 Boot (0x1200) (3d4bbaee410bed6fccfa7ac194c157ff) 
\Device\Harddisk0\DR0\Partition0 23:08:48.0109 2980 \Device\Harddisk0\DR0\Partition0 - ok 23:08:48.0109 2980 ============================================================ 23:08:48.0109 2980 Scan finished 23:08:48.0109 2980 ============================================================ 23:08:48.0125 3480 Detected object count: 0 23:08:48.0125 3480 Actual detected object count: 0 Geändert von kaeferbine (16.05.2012 um 22:12 Uhr) |
17.05.2012, 19:07 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan on board? "http://www.searchnu.com/410", how do I get rid of it? Please start by running a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes must be updated manually before every scan! In addition, all detections must be removed. If logs from older Malwarebytes scans exist, please post all of those as well! ESET Online Scanner
Please post everything here in CODE tags where possible. It is done like this: [code] the log goes here [/code] And the whole thing then looks like this: Code:
ATTFilter the log goes here