Virus Blockiert Virenscanner und Firewall, ewwy7owwge.exe

Wutzkopp · 07.06.2012, 14:49

Hallo
Es fing damit an dass ich heute(7.6.2012) einen unbekannten Prozess im Taskmanager gefunden habe den ich nicht beenden konnte(ewwy7owwge.exe), durch die Suchfunktion fand ich raus dass die Datei unter C

okumente und Einstellungen/Administrator gespeichert war(seit 4.7.2012). Natürlich liess sich die Datei nicht so einfach in den Papierkorb verschieben, auch über die Eingabeaufforderung bin ich sie nicht los geworden.
Dann habe ich mein Spybot S&D drüberlaufen lassen, leider erfolglos.
Dann habe ich ein Programm namens Unlocker runtergeladen mit dem man angeblich dateien einfach löschen kann, doch das startete nach dem installieren nichtmal. Als nächstes habe ich AVG Free runtergeladen und Installiert, Updates runtergeladen und Neugestartet. Als ich dann Scannen wollte brach der Scan ab bevor er wirklich angefangen hatte. egal ob gesamt oder eine bestimmte datei etc. Nach dem ersten neustart hatte die Datei dann auch nicht mehr das normale Anwendungsicon, sondern es war eine Banane

, ausserdem war als Firma dann "Jetware" angegeben.
In meiner verzweiflung habe ich dann windows mit dem diagnose systemstart neu hochgefahren und konnte dann im taskmanager den prozess beenden und die datei über die Eingabeaufforderung Löschen.
Leider war es damit nicht getan

denn das problem mit dem virenscanner hatte ich trotzdem noch, also probierte ich es (erfolglos) mit Avast und danach mit den "10 Besten" Online Virenscannern bis ich dann letztendlich auf dieses Forum gestoßen bin.

Ansonsten ist mir noch aufgefallen dass ich nicht in die einstellungen von der firewall komme"Aufgrund eines unbekannten Problems können die einstellungen des windows firewalls nicht angezeigt werden"

und hier der log vom Anti Malware:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.07.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: STATION015 [Administrator]

Schutz: Deaktiviert

07.06.2012 14:58:37
mbam-log-2012-06-07 (14-58-37).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 251579
Laufzeit: 19 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 8
HKCR\CLSID\{F99BD4F5-D402-4c21-A8BC-510830B6BE37} (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\linkrdr.AIEbho.1 (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\linkrdr.AIEbho (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F99BD4F5-D402-4C21-A8BC-510830B6BE37} (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\XML (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Regedit32 (Trojan.Agent) -> Daten: C:\WINDOWS\system32\regedit.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 3
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Bösartig: (\\.\globalroot\systemroot\Installer\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\n.) Gut: (%systemroot%\system32\wbem\wbemess.dll) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 1
C:\WINDOWS\system32\xmldm (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 8
C:\WINDOWS\system32\AcroIEHelpe.dll (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\n (Rootkit.0Access) -> Löschen bei Neustart.
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ZS9TL770\8[1].exe (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\Installer\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\n (Rootkit.0Access) -> Löschen bei Neustart.
C:\WINDOWS\Installer\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\U\00000001.@ (Trojan.Small) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\Installer\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\U\80000000.@ (Trojan.Sirefef) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\Installer\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\system32\AcroIEHelpe.txt (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

cosinus · 10.06.2012, 01:54

Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Wutzkopp · 10.06.2012, 09:35

Hallo
Nein das war das erste mal dass ich mit Malware bytes gescannt habe...
Aber ich habe es inzwischen nochmals durchlaufen lassen..
Hier der Log dazu:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.07.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: STATION015 [Administrator]

Schutz: Deaktiviert

09.06.2012 15:25:58
mbam-log-2012-06-09 (15-25-58).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 253317
Laufzeit: 18 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\WINDOWS\system32\xmldm (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

und hier nochmal ganz aktuell....

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.07.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: STATION015 [Administrator]

Schutz: Deaktiviert

10.06.2012 10:36:52
mbam-log-2012-06-10 (10-36-52).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 253041
Laufzeit: 22 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\WINDOWS\system32\xmldm (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus · 10.06.2012, 15:59

Führ bitte auch ESET aus, danach sehen wir weiter:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Wutzkopp · 10.06.2012, 20:47

Hallo
Nun habe ich Eset Online Scanner auch nach Anleitung Durchlaufen lassen

Hier der Log Dazu:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d331b7c75a953a4486c83b0808f0f9ff
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-10 07:25:23
# local_time=2012-06-10 09:25:23 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=crash
# scanned=70847
# found=8
# cleaned=0
# scan_time=2918
C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\27\7061701b-3d1a59e6 probably a variant of Java/Agent.AF trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\43\29d7c5ab-5ae8e1d3 a variant of Java/Exploit.Agent.NCG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\2ALE863R\7[1].exe Win32/Wigon.OW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\WinMuollo1.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\E1YKE1FG\advlive_org[1].txt HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\E1YKE1FG\legitonlinejobs_com[1].htm HTML/ScrInject.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\VEFLCWJF\advlive_biz[1].txt HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\RECYCLER\S-1-5-21-1645522239-1417001333-682003330-500\Dc27.exe Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I

lG
und vielen Dank

cosinus · 10.06.2012, 20:52

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Wutzkopp · 10.06.2012, 22:33

Okay
Hier der OTL Scan-Log:

Code:

ATTFilter

OTL logfile created on: 10.06.2012 23:24:59 - Run 1
OTL by OldTimer - Version 3.2.48.0     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 81,37% Memory free
4,81 Gb Paging File | 4,42 Gb Available in Paging File | 91,86% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 37,55 Gb Free Space | 50,39% Space Free | Partition Type: NTFS
 
Computer Name: STATION015 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [8209.12.26 20:38:58 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2012.06.10 22:32:37 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2009.11.19 16:11:45 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre6\bin\jucheck.exe
PRC - [2009.08.19 11:32:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2009.08.19 11:32:20 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2009.08.13 19:02:34 | 000,357,384 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\LGDevAgt.exe
PRC - [2009.08.13 18:37:56 | 001,573,384 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2009.08.13 18:37:44 | 000,522,760 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2009.08.13 18:37:24 | 000,676,360 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDClock.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.11.21 18:54:24 | 001,507,328 | ---- | M] () -- C:\Programme\NETGEAR\WG311v3\WG311v3.exe
PRC - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010.07.04 23:32:36 | 000,004,608 | ---- | M] () -- C:\Programme\Unlocker\UnlockerHook.dll
MOD - [2009.08.18 16:54:22 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.08.16 18:06:02 | 000,141,312 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.02.27 18:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2007.11.21 18:54:24 | 001,507,328 | ---- | M] () -- C:\Programme\NETGEAR\WG311v3\WG311v3.exe
MOD - [2006.12.04 12:38:32 | 000,049,152 | ---- | M] () -- C:\Programme\NETGEAR\WG311v3\WlanDll.dll
MOD - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2006.03.15 15:19:34 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\MrvGINA.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\alg.exe -- (ALG)
SRV - [8209.12.26 20:38:58 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [8209.12.26 20:38:56 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.08.13 09:39:50 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.16 13:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\toywdm.sys -- (JL2005)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\amdtools.sys -- (amdtools)
DRV - File not found [Kernel | Auto | Stopped] --  -- (adfs)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.01.09 18:20:20 | 000,139,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011.08.17 15:49:54 | 000,138,496 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\afd.sys -- (AFD)
DRV - [2011.07.15 15:29:31 | 000,456,320 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011.07.08 16:02:00 | 000,010,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011.04.21 15:37:43 | 000,105,472 | ---- | M] () [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011.02.17 15:18:03 | 000,357,888 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2011.01.22 09:37:08 | 000,431,672 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.11.02 17:17:02 | 000,040,960 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009.10.20 18:20:16 | 000,265,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009.07.14 16:35:30 | 000,019,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009.06.24 13:18:41 | 000,092,928 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009.05.09 02:14:20 | 000,014,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2008.06.20 13:51:12 | 000,361,600 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008.04.14 07:53:28 | 000,040,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008.04.14 07:53:28 | 000,021,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008.04.14 07:53:28 | 000,012,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008.04.14 07:32:34 | 000,073,472 | ---- | M] () [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008.04.14 07:32:18 | 000,120,576 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008.04.14 07:32:14 | 000,068,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008.04.14 07:32:12 | 000,080,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008.04.14 07:28:38 | 000,025,216 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008.04.14 07:28:38 | 000,014,720 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008.04.14 07:28:20 | 000,154,112 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008.04.14 07:28:14 | 000,800,384 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008.04.14 07:28:04 | 000,037,632 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008.04.14 07:25:36 | 000,052,992 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008.04.14 07:25:00 | 000,065,536 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008.04.14 07:22:52 | 000,057,728 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008.04.14 07:22:52 | 000,044,672 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008.04.14 07:22:04 | 000,053,760 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008.04.14 07:21:22 | 000,039,936 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008.04.14 07:19:38 | 000,023,552 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008.04.14 07:19:34 | 000,030,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008.04.14 07:19:04 | 000,188,800 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008.04.14 01:16:26 | 000,085,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008.04.14 01:16:26 | 000,019,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008.04.14 01:16:24 | 000,017,024 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008.04.14 01:16:24 | 000,011,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008.04.14 01:16:24 | 000,010,880 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008.04.14 01:16:22 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008.04.14 01:15:40 | 000,032,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008.04.14 01:09:52 | 000,005,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008.04.14 00:58:40 | 000,175,744 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008.04.14 00:51:02 | 000,162,816 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008.04.14 00:50:44 | 000,091,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008.04.14 00:50:38 | 000,182,656 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008.04.14 00:49:50 | 000,048,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN-Miniport (PPTP)
DRV - [2008.04.14 00:49:44 | 000,075,264 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008.04.14 00:49:44 | 000,051,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN-Miniport (L2TP)
DRV - [2008.04.14 00:47:20 | 000,083,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008.04.14 00:45:56 | 000,060,800 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008.04.14 00:45:54 | 000,574,976 | ---- | M] () [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008.04.14 00:44:30 | 000,143,744 | ---- | M] () [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008.04.14 00:44:22 | 000,063,744 | ---- | M] () [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008.04.14 00:27:34 | 000,041,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008.04.14 00:27:28 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008.04.14 00:27:22 | 000,034,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008.04.14 00:27:16 | 000,152,832 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008.04.14 00:27:08 | 000,020,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008.04.14 00:26:40 | 000,069,120 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008.04.14 00:26:34 | 000,035,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008.04.14 00:26:04 | 000,034,688 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008.04.14 00:26:00 | 000,014,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008.04.14 00:24:30 | 000,011,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008.04.14 00:23:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008.04.14 00:21:26 | 000,059,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008.04.14 00:17:38 | 000,025,856 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008.04.14 00:15:40 | 000,026,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008.04.14 00:15:38 | 000,059,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008.04.14 00:15:36 | 000,030,208 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008.04.14 00:15:36 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2008.04.14 00:15:36 | 000,015,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.14 00:15:28 | 000,010,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2008.04.14 00:15:14 | 000,002,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008.04.14 00:15:10 | 000,172,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008.04.14 00:15:10 | 000,056,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008.04.14 00:15:08 | 000,006,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008.04.14 00:15:02 | 000,052,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008.04.14 00:14:42 | 000,020,992 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vga.sys -- (VgaSave)
DRV - [2008.04.14 00:11:00 | 000,042,112 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008.04.14 00:10:50 | 000,019,712 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008.04.14 00:10:50 | 000,011,392 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008.04.14 00:10:48 | 000,062,976 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008.04.14 00:10:48 | 000,036,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008.04.14 00:10:32 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008.04.14 00:10:26 | 000,027,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008.04.14 00:10:26 | 000,020,480 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008.04.14 00:10:14 | 000,015,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008.04.14 00:09:54 | 000,007,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008.04.14 00:09:54 | 000,004,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008.04.14 00:09:52 | 000,005,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008.04.14 00:09:52 | 000,004,992 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008.04.14 00:09:48 | 000,384,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008.04.14 00:09:48 | 000,042,368 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008.04.14 00:06:48 | 000,015,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008.04.14 00:03:00 | 000,129,792 | ---- | M] () [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008.04.14 00:02:52 | 000,196,224 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008.04.14 00:02:46 | 000,180,608 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008.04.14 00:02:40 | 000,030,848 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008.04.14 00:02:40 | 000,019,072 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008.04.14 00:02:38 | 000,066,048 | ---- | M] () [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008.04.13 22:09:24 | 000,142,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2007.12.06 09:51:00 | 000,285,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007.07.27 13:00:00 | 000,126,336 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2007.07.27 13:00:00 | 000,032,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2007.07.27 13:00:00 | 000,032,512 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2007.07.27 13:00:00 | 000,018,688 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2007.07.27 13:00:00 | 000,016,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) Parallelanschluss (direkt)
DRV - [2007.07.27 13:00:00 | 000,013,952 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2007.07.27 13:00:00 | 000,012,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2007.07.27 13:00:00 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2007.07.27 13:00:00 | 000,012,160 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2007.07.27 13:00:00 | 000,008,832 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2007.07.27 13:00:00 | 000,007,936 | ---- | M] () [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2007.07.27 13:00:00 | 000,007,040 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2007.07.27 13:00:00 | 000,005,888 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2007.07.27 13:00:00 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2007.07.27 13:00:00 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2007.07.27 13:00:00 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2007.07.27 13:00:00 | 000,002,944 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2006.11.02 08:22:54 | 000,492,000 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000)
DRV - [2006.11.01 20:45:14 | 000,219,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTCamDrv.sys -- (BTCAMDRV)
DRV - [2006.10.18 20:00:00 | 000,038,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006.09.28 19:00:34 | 000,082,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006.09.28 18:55:50 | 000,077,568 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2005.12.29 19:07:50 | 000,282,624 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WG311v3XP.sys -- (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
DRV - [2005.09.22 16:34:18 | 003,727,680 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.08.24 15:55:48 | 000,066,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.07.29 17:11:04 | 000,012,928 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.07.29 17:11:02 | 000,034,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.03.10 07:42:00 | 000,227,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\m4cxw2k3.sys -- (m4cxw2k3)
DRV - [2005.03.09 15:53:00 | 000,043,008 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.03.29 18:28:24 | 000,014,531 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Ifp1000.sys -- (IFP1000)
DRV - [2001.08.18 05:30:42 | 000,003,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001.08.17 14:59:44 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = hxxp://search.qip.ru/?query={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.qip.ru
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/sm
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - No CLSID value found
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={FD4F9AF3-ED03-4BB9-A9F5-00763C762732}&mid=183ccc8ae69947d08dacd15ac987fc80-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=AVG&pr=fr&d=2012-06-07 14:25:12&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = hxxp://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1645522239-1417001333-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.114
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B94e2cb74-dbe2-4fad-bc81-7adfebb512d1%7D&mid=183ccc8ae69947d08dacd15ac987fc80-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=AVG&v=11.0.0.9&lang=de&pr=fr&d=2012-06-07%2012%3A24%3A07&sap=ku&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Programme\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\01040 [2012.06.07 10:55:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.08.04 10:16:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.06.29 22:35:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\01040 [2012.06.07 10:55:23 | 000,000,000 | ---D | M]
 
[2009.06.17 09:25:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions
[2012.06.08 08:36:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\xiwo6i1u.default\extensions
[2011.01.27 07:48:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\xiwo6i1u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012.06.08 08:35:59 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\xiwo6i1u.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.06.01 12:05:10 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\xiwo6i1u.default\searchplugins\icqplugin.xml
[2010.02.03 21:46:08 | 000,002,061 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\xiwo6i1u.default\searchplugins\qipsearch.xml
[2012.06.07 13:02:37 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.07 10:55:23 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\WINDOWS\SYSTEM32\01040
[2010.03.18 08:46:15 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.07 14:25:09 | 000,003,766 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2010.03.18 08:46:15 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2010.03.18 08:46:15 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.03.18 08:46:15 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.03.18 08:46:15 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: AVG Safe Search = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([8209.12.26 20:19:25 | 000,370,743 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 12778 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Launch LCDMon] C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Programme\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKU\S-1-5-21-1645522239-1417001333-682003330-500..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\NETGEAR WG311v3 Smart Wizard.lnk = C:\Programme\NETGEAR\WG311v3\WG311v3.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1645522239-1417001333-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E22448F-9A74-40EE-9156-51CC13B3F08C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B745368E-8FED-4663-98C1-9BF23A9B080A}: DhcpNameServer = 192.192.192.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA083841-AF7C-4A0B-946F-9E7F2F0C849C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - C:\WINDOWS\System32\MrvGINA.dll ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\Program Files\Plus!\Themes\Zelda64\Zelda64-1024x768.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\Program Files\Plus!\Themes\Zelda64\Zelda64-1024x768.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.16 13:57:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.10.10 21:13:33 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ]
O33 - MountPoints2\{e189ce72-aa14-11df-b957-00138f631573}\Shell - "" = AutoRun
O33 - MountPoints2\{e189ce72-aa14-11df-b957-00138f631573}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e189ce72-aa14-11df-b957-00138f631573}\Shell\AutoRun\command - "" = G:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: SSHNAS -  File not found
 
MsConfig - Services: "WMPNetworkSvc"
MsConfig - Services: "vToolbarUpdater11.0.2"
MsConfig - Services: "SwitchBoard"
MsConfig - Services: "idsvc"
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 0
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: dmboot.sys - C:\WINDOWS\system32\drivers\dmboot.sys ()
SafeBootMin: dmio.sys - C:\WINDOWS\system32\drivers\dmio.sys ()
SafeBootMin: dmload.sys - C:\WINDOWS\system32\drivers\dmload.sys ()
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: sr.sys - C:\WINDOWS\system32\drivers\sr.sys ()
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: vgasave.sys - C:\WINDOWS\system32\drivers\vga.sys ()
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AFD - C:\WINDOWS\system32\drivers\afd.sys ()
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: dmboot.sys - C:\WINDOWS\system32\drivers\dmboot.sys ()
SafeBootNet: dmio.sys - C:\WINDOWS\system32\drivers\dmio.sys ()
SafeBootNet: dmload.sys - C:\WINDOWS\system32\drivers\dmload.sys ()
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: ip6fw.sys - C:\WINDOWS\system32\drivers\ip6fw.sys ()
SafeBootNet: ipnat.sys - C:\WINDOWS\system32\drivers\ipnat.sys ()
SafeBootNet: NDIS - C:\WINDOWS\System32\drivers\ndis.sys ()
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: Ndisuio - C:\WINDOWS\system32\drivers\ndisuio.sys ()
SafeBootNet: NetBIOS - C:\WINDOWS\system32\drivers\netbios.sys ()
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetBT - C:\WINDOWS\system32\drivers\netbt.sys ()
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpcdd.sys - C:\WINDOWS\system32\drivers\rdpcdd.sys ()
SafeBootNet: rdpdd.sys - C:\WINDOWS\System32\rdpdd.dll ()
SafeBootNet: rdpwd.sys - C:\WINDOWS\System32\drivers\rdpwd.sys ()
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: SharedAccess -  File not found
SafeBootNet: sr.sys - C:\WINDOWS\system32\drivers\sr.sys ()
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: Tcpip - C:\WINDOWS\system32\drivers\tcpip.sys ()
SafeBootNet: TDI - Driver Group
SafeBootNet: tdpipe.sys - C:\WINDOWS\System32\drivers\tdpipe.sys ()
SafeBootNet: tdtcp.sys - C:\WINDOWS\System32\drivers\tdtcp.sys ()
SafeBootNet: vga.sys - Driver
SafeBootNet: vgasave.sys - C:\WINDOWS\system32\drivers\vga.sys ()
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {33AFB180-450B-8B69-0C92-B8306F64C988} - Adobe Shockwave Director 10.2
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C080D639-AFF4-6451-C4C4-CE021A8DDFFA} - Browseranpassungen
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D0E6A122-19A6-DCD5-BC0C-355EA0EBADB5} - Java (Sun)
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package - 
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MKVC - C:\WINDOWS\System32\KMVIDC32.DLL ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
System Restore Service not available.
 
========== Files/Folders - Created Within 30 Days ==========
 
[8209.12.26 20:38:58 | 000,604,488 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[8209.12.26 20:38:56 | 000,361,288 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[8209.12.26 20:38:56 | 000,029,000 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[8209.12.26 20:38:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2009
[8209.12.26 20:13:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spybot - Search & Destroy
[8209.12.26 20:13:12 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[8209.12.26 20:13:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
[2012.06.10 20:34:23 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.06.10 20:33:12 | 002,322,184 | ---- | C] (ESET) -- C:\Dokumente und Einstellungen\Administrator\Desktop\esetsmartinstaller_enu.exe
[2012.06.10 11:33:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012.06.10 11:32:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.06.10 11:31:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xmldm
[2012.06.07 14:57:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
[2012.06.07 14:57:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.07 14:57:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.06.07 14:57:10 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.06.07 14:57:10 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.06.07 14:36:36 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2012.06.07 14:36:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google
[2012.06.07 14:35:44 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.06.07 14:35:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.06.07 12:50:49 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker
[2012.06.07 12:24:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
[2012.06.07 12:23:17 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.06.07 12:20:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2012
[2012.06.07 12:13:06 | 000,000,000 | ---D | C] -- C:\Programme\AVG
[2012.06.07 11:25:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012.06.07 10:55:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\01040
[2012.06.06 20:52:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Sun
[2012.06.05 19:39:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2012.06.04 14:42:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2012.05.31 11:07:57 | 000,000,000 | ---D | C] -- C:\Programme\GUILD WARS
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[8209.12.26 20:38:58 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[8209.12.26 20:38:56 | 000,361,288 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[8209.12.26 20:38:52 | 000,001,601 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[8209.12.26 20:38:51 | 000,001,517 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2009.lnk
[8209.12.26 20:19:25 | 000,370,743 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[8209.12.26 18:48:27 | 000,001,786 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\NETGEAR WG311v3 Smart Wizard.lnk
[2012.06.10 23:00:03 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2012.06.10 20:33:11 | 002,322,184 | ---- | M] (ESET) -- C:\Dokumente und Einstellungen\Administrator\Desktop\esetsmartinstaller_enu.exe
[2012.06.10 11:34:55 | 000,002,953 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.06.10 10:00:37 | 000,193,252 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.06.10 10:00:30 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.10 09:55:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.10 02:01:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-STATION015-Administrator.job
[2012.06.07 14:59:20 | 002,359,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\screen 1.bmp
[2012.06.07 14:57:11 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.07 14:33:28 | 000,429,732 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.07 14:33:28 | 000,075,158 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.07 14:33:28 | 000,030,522 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.07 14:33:28 | 000,012,458 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.07 12:50:51 | 000,000,216 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\QuickStores.url
[2012.06.07 12:07:57 | 000,000,146 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2012.06.07 11:08:19 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.06.07 10:55:20 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\blckdom.res
[2012.06.04 16:21:56 | 000,068,408 | ---- | M] () -- C:\WINDOWS\System32\drivers\6baf4cf4c6102155.sys
[2012.06.04 14:02:02 | 000,103,188 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Boo.jpg
[2012.06.04 13:51:03 | 000,001,004 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012.05.31 11:07:57 | 000,000,596 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\GUILD WARS.lnk
[2012.05.13 03:02:51 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.05.12 04:21:28 | 003,622,880 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[8209.12.26 20:38:57 | 000,000,508 | ---- | C] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[8209.12.26 20:38:51 | 000,001,601 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[8209.12.26 20:38:51 | 000,001,517 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2009.lnk
[8209.12.26 20:38:51 | 000,000,813 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2009.lnk
[2012.06.07 14:59:20 | 002,359,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\screen 1.bmp
[2012.06.07 14:57:11 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.07 14:19:39 | 000,001,786 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\NETGEAR WG311v3 Smart Wizard.lnk
[2012.06.07 14:19:39 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
[2012.06.07 14:19:39 | 000,000,836 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\OpenOffice.org 3.1.lnk
[2012.06.07 12:50:51 | 000,000,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\QuickStores.url
[2012.06.07 10:55:20 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\blckdom.res
[2012.06.04 16:21:56 | 000,068,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\6baf4cf4c6102155.sys
[2012.06.04 13:56:20 | 000,103,188 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Boo.jpg
[2012.06.01 15:56:25 | 000,000,596 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\GUILD WARS.lnk
[2012.05.11 21:52:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.01.17 20:02:59 | 000,014,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\T10.SYS
[2011.01.17 20:02:59 | 000,014,531 | ---- | C] () -- C:\WINDOWS\System32\drivers\N10.SYS
[2011.01.17 20:02:59 | 000,014,531 | ---- | C] () -- C:\WINDOWS\System32\drivers\ifpusb.sys
[2011.01.17 20:02:59 | 000,014,531 | ---- | C] () -- C:\WINDOWS\System32\drivers\Ifp900.sys
[2011.01.17 20:02:59 | 000,014,531 | ---- | C] () -- C:\WINDOWS\System32\drivers\Ifp800.sys
[2011.01.17 20:02:59 | 000,014,531 | ---- | C] () -- C:\WINDOWS\System32\drivers\Ifp700.sys
[2011.01.17 20:02:59 | 000,014,531 | ---- | C] () -- C:\WINDOWS\System32\drivers\Ifp500.sys
[2011.01.17 20:02:59 | 000,014,531 | ---- | C] () -- C:\WINDOWS\System32\drivers\ifp300.sys
[2011.01.17 20:02:59 | 000,014,531 | ---- | C] () -- C:\WINDOWS\System32\drivers\Ifp1000.sys
[2010.12.09 17:36:15 | 000,070,656 | ---- | C] () -- C:\WINDOWS\pysoft_uninstaller.exe
[2010.11.03 16:44:08 | 000,000,132 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe PNG Format CS5 Prefs
[2010.11.03 16:42:14 | 000,001,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Adobe Für Web speichern 12.0 Prefs
[2010.09.02 19:57:28 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010.08.23 20:43:20 | 000,015,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbscan.sys
[2010.08.23 20:34:27 | 001,789,952 | ---- | C] () -- C:\WINDOWS\System32\ZHP1600R.DLL
[2010.08.23 20:34:27 | 000,749,568 | ---- | C] () -- C:\WINDOWS\System32\AGI1600.DLL
[2010.08.23 20:34:27 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\zSHP1600.EXE
[2010.08.23 20:34:27 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\ZHHP1600.EXE
[2010.07.27 15:41:24 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010.07.26 12:53:53 | 000,001,004 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010.07.10 11:42:09 | 000,000,147 | ---- | C] () -- C:\WINDOWS\simple-jpg-animator.ini
[2007.07.27 13:00:00 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\@
[2007.07.27 13:00:00 | 000,002,048 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\@
 
========== LOP Check ==========
 
[2011.01.09 12:19:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\.purple
[2011.01.24 19:30:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Bumegy
[2011.01.22 09:42:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DAEMON Tools Lite
[2010.06.16 17:05:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DAEMON Tools Pro
[2010.11.06 22:59:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DVDVideoSoftIEHelpers
[2009.12.19 16:58:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FOG Downloader
[2010.02.07 20:37:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FreeVideoConverter
[2010.07.17 12:56:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\gtk-2.0
[2010.05.05 18:34:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Gutscheinmieze
[2010.12.05 10:15:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQ
[2010.03.08 15:41:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mmserver
[2009.11.19 16:25:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\OpenOffice.org
[2009.11.20 18:17:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software
[2009.11.19 16:21:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Windows Desktop Search
[2009.11.20 23:59:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Windows Search
[2012.06.10 11:35:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.06.10 11:33:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2012
[2010.11.18 13:43:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\avg9
[2012.06.07 12:23:17 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2011.01.22 09:36:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010.06.16 17:00:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2009.11.19 17:26:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2010.08.13 10:19:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2012.06.10 11:33:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2011.01.21 08:21:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\namco
[2010.10.19 08:35:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2010.07.09 10:44:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009.12.20 22:22:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.02.07 20:42:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VideoConverter
[2009.12.20 22:22:35 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}
[2012.06.10 23:00:03 | 000,000,508 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.01.09 12:19:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\.purple
[2010.10.19 08:38:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe
[2009.11.19 16:05:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ATI
[2011.01.24 19:30:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Bumegy
[2012.06.04 13:56:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Corel
[2011.01.22 09:42:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DAEMON Tools Lite
[2010.06.16 17:05:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DAEMON Tools Pro
[2010.05.02 01:55:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DivX
[2010.11.06 22:59:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DVDVideoSoftIEHelpers
[2009.12.19 16:58:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FOG Downloader
[2010.02.07 20:37:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FreeVideoConverter
[2010.07.17 12:56:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\gtk-2.0
[2010.05.05 18:34:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Gutscheinmieze
[2010.03.12 13:28:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Help
[2010.12.05 10:15:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQ
[2009.06.16 14:04:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Identities
[2011.03.03 15:12:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\InstallShield
[2011.03.03 15:13:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Logitech
[2009.06.16 14:12:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia
[2012.06.07 14:57:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
[2010.10.10 21:23:35 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
[2010.03.08 15:41:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mmserver
[2009.06.17 09:25:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla
[2009.11.19 16:25:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\OpenOffice.org
[2010.05.05 18:27:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Skype
[2010.05.04 17:42:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\skypePM
[2009.11.19 16:10:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun
[2009.11.20 18:17:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software
[2009.06.17 09:28:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\vlc
[2009.11.19 16:21:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Windows Desktop Search
[2009.11.20 23:59:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Windows Search
[2009.11.22 14:42:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.01.18 16:35:26 | 000,827,392 | ---- | M] (Synatix GmbH) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Gutscheinmieze\foxstart.exe
[2010.01.18 16:35:26 | 000,827,392 | ---- | M] (Synatix GmbH) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Gutscheinmieze\uninstall.exe
[2010.10.10 21:23:35 | 000,010,752 | R--- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Installer\{83F12F73-D52E-40C0-93B1-463C311C4E17}\Icon8255BBAC1.exe
[2010.10.10 21:23:36 | 000,006,144 | R--- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Installer\{83F12F73-D52E-40C0-93B1-463C311C4E17}\Icon83F12F734.exe
[2010.10.10 21:23:36 | 000,015,360 | R--- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Installer\{83F12F73-D52E-40C0-93B1-463C311C4E17}\Icon83F12F738.exe
[2010.01.18 16:35:26 | 000,827,392 | ---- | M] (Synatix GmbH) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mmserver\FilterHost.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2007.07.27 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2007.07.27 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2007.07.27 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2007.07.27 13:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.06.04 16:21:56 | 000,068,408 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\6baf4cf4c6102155.sys
[2008.04.14 07:19:04 | 000,188,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\acpi.sys
[2007.07.27 13:00:00 | 000,012,160 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\acpiec.sys
[2008.04.13 22:09:24 | 000,142,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\aec.sys
[2011.08.17 15:49:54 | 000,138,496 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\afd.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\agp440.sys
[2008.04.14 00:06:40 | 000,044,928 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\agpcpq.sys
[2005.09.22 16:34:18 | 003,727,680 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\alcxwdm.sys
[2008.04.14 00:06:40 | 000,042,752 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\alim1541.sys
[2008.04.14 00:06:40 | 000,043,008 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\amdagp.sys
[2008.04.14 07:20:06 | 000,041,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\amdk6.sys
[2008.04.14 07:20:08 | 000,041,856 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\amdk7.sys
[2005.03.09 15:53:00 | 000,043,008 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\AmdK8.sys
[2008.04.14 00:21:26 | 000,060,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\arp1394.sys
[2008.04.14 00:27:28 | 000,014,336 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 22:04:18 | 000,056,623 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1btxx.sys
[2008.04.13 22:04:18 | 000,011,615 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1mdxx.sys
[2008.04.13 22:04:18 | 000,012,047 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1pdxx.sys
[2008.04.13 22:04:18 | 000,030,671 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1raxx.sys
[2008.04.13 22:04:18 | 000,063,663 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1rvxx.sys
[2008.04.13 22:04:18 | 000,026,367 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1snxx.sys
[2008.04.13 22:04:18 | 000,021,343 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1ttxx.sys
[2008.04.13 22:04:18 | 000,036,463 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1tuxx.sys
[2008.04.13 22:04:20 | 000,029,455 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1xbxx.sys
[2008.04.13 22:04:20 | 000,034,735 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1xsxx.sys
[2008.04.14 07:21:00 | 000,327,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati2mtaa.sys
[2009.07.21 18:30:48 | 003,565,056 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati2mtag.sys
[2008.04.13 22:04:18 | 000,057,856 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinbtxx.sys
[2008.04.13 22:04:18 | 000,013,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinmdxx.sys
[2008.04.13 22:04:18 | 000,014,336 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinpdxx.sys
[2008.04.13 22:04:18 | 000,052,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinraxx.sys
[2008.04.13 22:04:18 | 000,104,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinrvxx.sys
[2008.04.13 22:04:18 | 000,028,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinsnxx.sys
[2008.04.13 22:04:18 | 000,013,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinttxx.sys
[2008.04.13 22:04:18 | 000,073,216 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atintuxx.sys
[2008.04.13 22:04:20 | 000,031,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinxbxx.sys
[2008.04.13 22:04:20 | 000,063,488 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinxsxx.sys
[2008.04.14 00:21:26 | 000,059,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2007.07.27 13:00:00 | 000,031,360 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2008.04.14 00:21:32 | 000,055,808 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atmlane.sys
[2007.07.27 13:00:00 | 000,352,256 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001.08.17 14:59:44 | 000,003,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\audstub.sys
[2007.07.27 13:00:00 | 000,004,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\beep.sys
[2008.04.14 00:23:24 | 000,071,552 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bridge.sys
[2006.11.01 20:45:14 | 000,219,264 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\BTCamDrv.sys
[2008.04.14 00:16:34 | 000,017,024 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthenum.sys
[2008.04.14 00:16:34 | 000,037,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthmodem.sys
[2008.04.14 00:21:36 | 000,101,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthpan.sys
[2008.06.14 19:32:01 | 000,273,024 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthport.sys
[2008.04.14 00:16:32 | 000,036,480 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthprint.sys
[2008.04.14 00:16:30 | 000,018,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthusb.sys
[2007.07.27 13:00:00 | 000,013,952 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2008.04.14 01:16:24 | 000,017,024 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\CCDECODE.sys
[2007.07.27 13:00:00 | 000,018,688 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2008.04.14 00:44:22 | 000,063,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cdfs.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cdrom.sys
[2007.07.27 13:00:00 | 000,262,528 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2008.04.14 00:46:24 | 000,049,536 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\classpnp.sys
[2007.07.27 13:00:00 | 000,011,776 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2008.04.14 07:26:32 | 000,040,832 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\crusoe.sys
[2008.04.14 00:10:48 | 000,036,352 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\disk.sys
[2008.04.14 00:10:46 | 000,014,208 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\diskdump.sys
[2008.04.14 07:28:14 | 000,800,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dmboot.sys
[2008.04.14 07:28:20 | 000,154,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dmio.sys
[2007.07.27 13:00:00 | 000,005,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dmload.sys
[2008.04.14 00:15:02 | 000,052,864 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dmusic.sys
[2008.04.14 00:15:16 | 000,060,160 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\drmk.sys
[2008.04.14 00:15:14 | 000,002,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\drmkaud.sys
[2007.07.27 13:00:00 | 000,010,496 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dxapi.sys
[2008.04.14 00:08:30 | 000,071,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dxg.sys
[2007.07.27 13:00:00 | 000,003,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dxgthk.sys
[2008.04.14 00:44:30 | 000,143,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fastfat.sys
[2008.04.14 00:10:26 | 000,027,392 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fdc.sys
[2008.04.14 07:22:52 | 000,044,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fips.sys
[2008.04.14 00:10:26 | 000,020,480 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\flpydisk.sys
[2008.04.14 00:03:00 | 000,129,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fltmgr.sys
[2007.07.27 13:00:00 | 000,012,288 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fsvga.sys
[2007.07.27 13:00:00 | 000,007,936 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fs_rec.sys
[2007.07.27 13:00:00 | 000,126,336 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ftdisk.sys
[2008.04.14 00:06:42 | 000,046,464 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\gagp30kx.sys
[2008.04.14 00:15:30 | 000,010,624 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\gameenum.sys
[2008.04.13 22:06:06 | 000,144,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hdaudbus.sys
[2008.04.14 07:24:50 | 000,025,856 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidbth.sys
[2008.04.14 00:15:28 | 000,036,864 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidclass.sys
[2008.04.14 00:15:28 | 000,019,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidir.sys
[2008.04.14 00:15:24 | 000,024,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidparse.sys
[2008.04.14 00:15:28 | 000,010,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidusb.sys
[2008.04.13 23:53:50 | 000,220,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
[2008.04.13 23:53:52 | 000,685,056 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hsfcxts2.sys
[2008.04.13 23:53:54 | 001,041,536 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
[2009.10.20 18:20:16 | 000,265,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\http.sys
[2008.04.14 07:25:36 | 000,052,992 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2004.03.29 18:28:24 | 000,014,531 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\Ifp1000.sys
[2004.03.29 18:28:24 | 000,014,531 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ifp300.sys
[2004.03.29 18:28:24 | 000,014,531 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\Ifp500.sys
[2004.03.29 18:28:24 | 000,014,531 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\Ifp700.sys
[2004.03.29 18:28:24 | 000,014,531 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\Ifp800.sys
[2004.03.29 18:28:24 | 000,014,531 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\Ifp900.sys
[2004.03.29 18:28:24 | 000,014,531 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ifpusb.sys
[2008.04.14 00:11:00 | 000,042,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\imapi.sys
[2008.04.14 07:27:22 | 000,040,448 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\intelppm.sys
[2008.04.14 00:23:36 | 000,036,608 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ip6fw.sys
[2007.07.27 13:00:00 | 000,032,896 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ipfltdrv.sys
[2008.04.14 00:27:08 | 000,020,864 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ipinip.sys
[2008.04.14 00:27:16 | 000,152,832 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ipnat.sys
[2008.04.14 00:49:44 | 000,075,264 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2008.04.14 00:15:36 | 000,046,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\irbus.sys
[2008.04.14 00:24:30 | 000,011,264 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\irenum.sys
[2008.04.14 07:28:04 | 000,037,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 07:28:38 | 000,025,216 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2008.04.14 07:28:38 | 000,014,720 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\kbdhid.sys
[2008.04.14 00:15:10 | 000,172,416 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\kmixer.sys
[2008.04.14 00:46:38 | 000,141,056 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ks.sys
[2009.06.24 13:18:41 | 000,092,928 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ksecdd.sys
[2009.07.14 16:35:30 | 000,019,720 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\LGBusEnum.sys
[2005.03.10 07:42:00 | 000,227,584 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\m4cxw2k3.sys
[2007.07.27 13:00:00 | 000,007,680 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mcd.sys
[2008.04.13 23:53:58 | 000,011,868 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mdmxsdk.sys
[2008.04.14 00:06:42 | 000,063,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mf.sys
[2007.07.27 13:00:00 | 000,004,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mnmdd.sys
[2008.04.14 07:19:34 | 000,030,336 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\modem.sys
[2008.04.14 07:19:38 | 000,023,552 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mouclass.sys
[2007.07.27 13:00:00 | 000,012,288 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mouhid.sys
[2008.04.14 00:09:48 | 000,042,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mountmgr.sys
[2008.04.14 00:09:46 | 000,092,544 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mqac.sys
[2008.04.14 00:02:46 | 000,180,608 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mrxdav.sys
[2011.07.15 15:29:31 | 000,456,320 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2008.04.14 00:02:40 | 000,019,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\msfs.sys
[2008.04.14 00:26:34 | 000,035,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\msgpc.sys
[2008.04.14 00:09:54 | 000,007,552 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mskssrv.sys
[2008.04.14 00:09:52 | 000,005,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mspclock.sys
[2008.04.14 00:09:52 | 000,004,992 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mspqm.sys
[2008.04.14 00:06:48 | 000,015,488 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mssmbios.sys
[2008.04.14 01:09:52 | 000,005,504 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\MSTEE.sys
[2008.04.13 23:53:42 | 000,126,686 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mtlmnt5.sys
[2008.04.13 23:53:40 | 001,309,184 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mtlstrm.sys
[2008.04.13 22:04:28 | 000,452,736 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mtxparhm.sys
[2011.04.21 15:37:43 | 000,105,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mup.sys
[2008.04.14 00:13:56 | 000,012,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mutohpen.sys
[2004.03.29 18:28:24 | 000,014,531 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\N10.SYS
[2008.04.14 01:16:26 | 000,085,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\NABTSFEC.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndis.sys
[2008.04.14 01:16:24 | 000,010,880 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\NdisIP.sys
[2011.07.08 16:02:00 | 000,010,496 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndistapi.sys
[2008.04.14 00:26:00 | 000,014,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndisuio.sys
[2008.04.14 00:50:44 | 000,091,520 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndiswan.sys
[2010.11.02 17:17:02 | 000,040,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2008.04.14 00:26:04 | 000,034,688 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\netbios.sys
[2008.04.14 00:51:02 | 000,162,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\netbt.sys
[2008.04.14 00:21:26 | 000,061,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nic1394.sys
[2007.07.27 13:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nikedrv.sys
[2008.04.14 00:23:10 | 000,040,320 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nmnt.sys
[2008.04.14 00:02:40 | 000,030,848 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\npfs.sys
[2008.04.14 00:45:54 | 000,574,976 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ntfs.sys
[2008.04.13 23:53:42 | 000,180,360 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ntmtlfax.sys
[2009.05.09 02:14:20 | 000,014,736 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nuidfltr.sys
[2007.07.27 13:00:00 | 000,002,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\null.sys
[2008.09.17 23:55:00 | 006,132,576 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nv4_mini.sys
[2005.07.29 17:11:02 | 000,034,048 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\NVENETFD.sys
[2005.07.29 17:11:04 | 000,012,928 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nvnetbus.sys
[2005.07.29 17:10:46 | 000,301,312 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nvnrm.sys
[2005.07.29 17:10:32 | 000,221,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nvsnpu.sys
[2005.07.29 17:10:54 | 000,100,480 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nvtcp.sys
[2007.07.27 13:00:00 | 000,012,416 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkflt.sys
[2007.07.27 13:00:00 | 000,032,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
[2008.04.14 00:26:08 | 000,088,320 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkipx.sys
[2007.07.27 13:00:00 | 000,063,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnknb.sys
[2007.07.27 13:00:00 | 000,055,936 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkspx.sys
[2008.04.14 00:04:14 | 000,163,584 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwrdr.sys
[2007.07.27 13:00:00 | 000,003,456 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\oprghdlr.sys
[2008.04.14 07:32:10 | 000,046,848 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\p3.sys
[2008.04.14 07:32:12 | 000,080,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\parport.sys
[2008.04.14 00:10:50 | 000,019,712 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\partmgr.sys
[2007.07.27 13:00:00 | 000,007,040 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\parvdm.sys
[2008.04.14 07:32:14 | 000,068,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pci.sys
[2001.08.18 05:30:42 | 000,003,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pciide.sys
[2008.04.14 00:10:30 | 000,024,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pciidex.sys
[2008.04.14 07:32:18 | 000,120,576 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pcmcia.sys
[2008.04.14 00:49:42 | 000,146,048 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\portcls.sys
[2008.04.14 07:21:22 | 000,039,936 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\processr.sys
[2008.04.14 00:26:40 | 000,069,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\psched.sys
[2007.07.27 13:00:00 | 000,017,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ptilink.sys
[2010.03.31 03:58:04 | 000,044,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\PxHelp20.sys
[2007.07.27 13:00:00 | 000,008,832 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rasacd.sys
[2008.04.14 00:49:44 | 000,051,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rasl2tp.sys
[2008.04.14 00:27:34 | 000,041,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\raspppoe.sys
[2008.04.14 00:49:50 | 000,048,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\raspptp.sys
[2007.07.27 13:00:00 | 000,016,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\raspti.sys
[2007.07.27 13:00:00 | 000,034,432 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rawwan.sys
[2008.04.14 00:58:40 | 000,175,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdbss.sys
[2007.07.27 13:00:00 | 000,004,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdpcdd.sys
[2008.04.14 00:02:52 | 000,196,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdpdr.sys
[2012.01.09 18:20:20 | 000,139,784 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2008.04.13 23:53:44 | 000,013,776 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\recagent.sys
[2008.04.14 07:22:52 | 000,057,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\redbook.sys
[2008.04.14 00:16:34 | 000,059,136 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rfcomm.sys
[2007.07.27 13:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rio8drv.sys
[2007.07.27 13:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\riodrv.sys
[2008.05.08 16:02:52 | 000,203,136 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rmcast.sys
[2008.04.14 00:26:50 | 000,030,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rndismp.sys
[2008.04.14 00:26:50 | 000,030,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rndismpx.sys
[2007.07.27 13:00:00 | 000,005,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rootmdm.sys
[2008.04.13 22:04:34 | 000,166,912 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s3gnbm.sys
[2008.04.14 00:10:32 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\scsiport.sys
[2008.04.14 00:06:46 | 000,079,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sdbus.sys
[2008.04.13 22:09:16 | 000,020,480 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\secdrv.sys
[2008.04.14 00:10:14 | 000,015,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\serenum.sys
[2008.04.14 07:25:00 | 000,065,536 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\serial.sys
[2005.08.10 14:44:04 | 000,050,688 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sfdrv01.sys
[2008.04.14 00:10:48 | 000,011,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sffdisk.sys
[2008.04.14 00:10:50 | 000,010,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sffp_mmc.sys
[2008.04.14 00:10:48 | 000,011,008 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sffp_sd.sys
[2005.05.16 15:20:39 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sfhlp02.sys
[2008.04.14 00:10:50 | 000,011,392 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2005.08.10 16:06:28 | 000,019,968 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sfsync02.sys
[2005.08.24 15:55:48 | 000,066,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sfvfs02.sys
[2008.04.14 00:06:40 | 000,040,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sisagp.sys
[2008.04.14 01:16:24 | 000,011,136 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\SLIP.sys
[2008.04.13 23:53:44 | 000,129,535 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slnt7554.sys
[2008.04.13 23:53:46 | 000,404,990 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slntamr.sys
[2008.04.13 23:53:48 | 000,095,424 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slnthal.sys
[2008.04.13 23:53:48 | 000,013,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slwdmsup.sys
[2008.04.14 00:06:36 | 000,005,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\smbali.sys
[2007.07.27 13:00:00 | 000,014,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\smclib.sys
[2008.04.14 00:16:08 | 000,025,344 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sonydcam.sys
[2008.04.14 00:15:08 | 000,006,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\splitter.sys
[2008.04.14 07:32:34 | 000,073,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sr.sys
[2011.02.17 15:18:03 | 000,357,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\srv.sys
[2008.04.14 00:15:16 | 000,049,408 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\stream.sys
[2008.04.14 01:16:22 | 000,015,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\StreamIP.sys
[2008.04.14 00:09:54 | 000,004,352 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\swenum.sys
[2008.04.14 00:15:10 | 000,056,576 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\swmidi.sys
[2008.04.14 00:45:56 | 000,060,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sysaudio.sys
[2005.04.15 15:13:16 | 000,014,540 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\T10.SYS
[2008.04.14 00:10:52 | 000,014,976 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tape.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2010.02.11 14:02:15 | 000,226,880 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tcpip6.sys
[2008.04.14 00:30:06 | 000,019,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tdi.sys
[2008.04.14 07:53:28 | 000,012,040 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2008.04.14 07:53:28 | 000,021,896 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2008.04.14 07:53:28 | 000,040,840 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\termdd.sys
[2007.07.27 13:00:00 | 000,051,712 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tosdvd.sys
[2007.07.27 13:00:00 | 000,021,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tsbvcap.sys
[2008.04.14 00:26:02 | 000,012,288 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tunmp.sys
[2008.04.14 00:06:42 | 000,044,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\uagp35.sys
[2008.04.14 00:02:38 | 000,066,048 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\udfs.sys
[2008.04.14 00:09:48 | 000,384,768 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\update.sys
[2008.04.14 00:26:50 | 000,012,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usb8023.sys
[2008.04.14 00:26:50 | 000,012,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usb8023x.sys
[2008.04.14 00:15:42 | 000,025,600 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbcamd.sys
[2008.04.14 00:15:42 | 000,025,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbcamd2.sys
[2008.04.14 01:15:40 | 000,032,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbccgp.sys
[2007.07.27 13:00:00 | 000,004,736 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbd.sys
[2008.04.14 00:15:36 | 000,030,208 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbehci.sys
[2008.04.14 00:15:38 | 000,059,520 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbhub.sys
[2008.04.14 00:15:44 | 000,015,872 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbintel.sys
[2008.04.14 00:15:36 | 000,017,152 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbohci.sys
[2008.04.14 00:15:38 | 000,143,872 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbport.sys
[2008.04.14 00:17:38 | 000,025,856 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbprint.sys
[2008.04.14 00:15:36 | 000,015,104 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbscan.sys
[2008.04.14 00:15:40 | 000,026,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbstor.sys
[2008.04.14 00:16:22 | 000,121,984 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbvideo.sys
[2009.08.09 23:25:56 | 000,029,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\VClone.sys
[2007.07.27 13:00:00 | 000,058,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\vdmindvd.sys
[2008.04.14 00:14:42 | 000,020,992 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\vga.sys
[2008.04.14 00:06:42 | 000,042,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\viaagp.sys
[2008.04.14 00:14:42 | 000,081,664 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\videoprt.sys
[2008.04.14 07:22:04 | 000,053,760 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2008.04.14 00:13:56 | 000,014,208 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wacompen.sys
[2008.04.13 22:04:28 | 000,011,807 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv07nt.sys
[2008.04.13 22:04:28 | 000,011,295 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv08nt.sys
[2008.04.13 22:04:28 | 000,011,871 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv09nt.sys
[2008.04.13 22:04:30 | 000,011,935 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv11nt.sys
[2008.04.14 00:27:22 | 000,034,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wanarp.sys
[2008.04.13 22:04:30 | 000,022,271 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\watv06nt.sys
[2008.04.13 22:04:30 | 000,025,471 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\watv10nt.sys
[2006.11.02 08:22:54 | 000,492,000 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wdf01000.sys
[2006.11.02 08:22:52 | 000,032,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wdfldr.sys
[2008.04.14 00:47:20 | 000,083,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wdmaud.sys
[2005.12.29 19:07:50 | 000,282,624 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\WG311v3XP.sys
[2007.07.27 13:00:00 | 000,004,352 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wmilib.sys
[2006.10.18 20:00:00 | 000,038,528 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wpdusb.sys
[2007.07.27 13:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
[2008.04.14 01:16:26 | 000,019,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
[2006.09.28 18:55:50 | 000,077,568 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\WudfPf.sys
[2006.09.28 19:00:34 | 000,082,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\WudfRd.sys
[2007.12.06 09:51:00 | 000,285,952 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\yk51x86.sys
 
< %systemroot%\System32\config\*.sav >
[2009.06.16 15:46:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.06.16 15:46:10 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.06.16 15:46:10 | 000,442,368 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 07:52:08 | 000,377,984 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ati2dvaa.dll
[2009.07.21 17:54:20 | 000,325,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ati2dvag.dll
[2008.04.14 07:52:08 | 000,870,784 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ati3d1ag.dll
[2009.07.21 17:32:12 | 003,818,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ati3duag.dll
[2009.07.21 17:17:30 | 002,670,720 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ativvaxx.dll
[2011.02.15 14:56:39 | 000,290,432 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\atmfd.dll
[2007.07.27 13:00:00 | 000,012,288 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\bootvid.dll
[2011.10.28 07:31:46 | 000,033,280 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\csrsrv.dll
[2008.04.14 07:50:36 | 000,009,344 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\framebuf.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\HAL.DLL
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\KBDAL.DLL
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdaze.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdazel.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbe.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbene.dll
[2008.04.14 07:50:52 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbhc.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdblr.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbr.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbu.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdca.dll
[2007.07.27 13:00:00 | 000,007,680 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcan.dll
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcr.dll
[2007.07.27 13:00:00 | 000,007,168 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcz.dll
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcz1.dll
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcz2.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdda.dll
[2007.07.27 13:00:00 | 000,005,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbddv.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdes.dll
[2007.07.27 13:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdest.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfc.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfi.dll
[2008.04.14 07:50:52 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfi1.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfo.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfr.dll
[2007.07.27 13:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdgae.dll
[2007.07.27 13:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdgkl.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdgr.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdgr1.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhe.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhe220.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhe319.dll
[2007.07.27 13:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhela2.dll
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhela3.dll
[2007.07.27 13:00:00 | 000,008,192 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhept.dll
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhu.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhu1.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdic.dll
[2008.04.14 07:50:52 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdinbe1.dll
[2008.04.14 07:50:52 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdinben.dll
[2008.04.14 07:50:52 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdinmal.dll
[2007.07.27 13:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdir.dll
[2007.07.27 13:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdit.dll
[2007.07.27 13:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdit142.dll
[2008.04.14 07:50:52 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdiultn.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdkaz.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdkyr.dll
[2007.07.27 13:00:00 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdla.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdlt.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdlt1.dll
[2007.07.27 13:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdlv.dll
[2007.07.27 13:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdlv1.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmac.dll
[2008.04.14 07:50:52 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmaori.dll
[2008.04.14 07:50:52 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmlt47.dll
[2008.04.14 07:50:52 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmlt48.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmon.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdne.dll
[2008.04.14 07:50:52 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdnec.dll
[2008.04.14 07:50:52 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdnepr.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdno.dll
[2008.04.14 07:50:52 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdno1.dll
[2008.04.14 07:50:52 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdpash.dll
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdpl.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdpl1.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdpo.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdro.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdru.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdru1.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsf.dll
[2007.07.27 13:00:00 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsg.dll
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsl.dll
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsl1.dll
[2008.04.14 07:50:52 | 000,007,680 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsmsfi.dll
[2008.04.14 07:50:52 | 000,007,680 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsmsno.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsp.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsw.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdtat.dll
[2007.07.27 13:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdtuf.dll
[2007.07.27 13:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdtuq.dll
[2007.07.27 13:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbduk.dll
[2008.04.14 07:50:52 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdukx.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdur.dll
[2007.07.27 13:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdus.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdusl.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdusr.dll
[2007.07.27 13:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdusx.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbduzb.dll
[2007.07.27 13:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdycc.dll
[2007.07.27 13:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdycl.dll
[2008.04.14 00:01:36 | 000,007,424 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kd1394.dll
[2007.07.27 13:00:00 | 000,007,040 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kdcom.dll
[2007.07.27 13:00:00 | 000,010,496 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\mcdsrv32.dll
[2008.04.14 07:52:16 | 000,034,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\mnmdd.dll
[2007.07.27 13:00:00 | 000,010,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\modex.dll
[2006.03.15 15:19:34 | 000,032,768 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\MrvGINA.dll
[2008.04.14 00:00:48 | 000,061,440 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\msvcrt40.dll
[2008.04.14 07:52:20 | 001,737,856 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\mtxparhd.dll
[2008.09.17 23:55:00 | 006,057,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\nv4_disp.dll
[2008.04.14 07:53:28 | 000,092,424 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\rdpdd.dll
[2008.04.14 07:52:24 | 000,397,056 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\s3gnb.dll
[2009.08.26 10:00:21 | 000,247,326 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\strmdll.dll
[2008.04.14 07:53:28 | 000,012,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\tsddd.dll
[2007.07.27 13:00:00 | 000,009,344 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\vga.dll
[2007.07.27 13:00:00 | 000,051,456 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\vga256.dll
[2007.07.27 13:00:00 | 000,018,176 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\vga64k.dll
[2007.07.27 13:00:00 | 000,060,928 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wmerrDEU.dll
[2008.04.14 07:52:34 | 000,303,616 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wmstream.dll
[2007.07.27 13:00:00 | 000,003,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wowfax.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
<           >

< End of report >

cosinus · 11.06.2012, 11:28

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
[2012.06.01 12:05:10 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\xiwo6i1u.default\searchplugins\icqplugin.xml
[2010.02.03 21:46:08 | 000,002,061 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\xiwo6i1u.default\searchplugins\qipsearch.xml
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1417001333-682003330-500\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKU\S-1-5-21-1645522239-1417001333-682003330-500..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.16 13:57:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.10.10 21:13:33 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ]
O33 - MountPoints2\{e189ce72-aa14-11df-b957-00138f631573}\Shell - "" = AutoRun
O33 - MountPoints2\{e189ce72-aa14-11df-b957-00138f631573}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e189ce72-aa14-11df-b957-00138f631573}\Shell\AutoRun\command - "" = G:\Install.exe
[2012.06.07 11:25:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012.06.07 10:55:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\01040
[2012.06.07 10:55:20 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\blckdom.res
[2012.06.04 16:21:56 | 000,068,408 | ---- | M] () -- C:\WINDOWS\System32\drivers\6baf4cf4c6102155.sys
[2012.06.10 11:31:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xmldm
[2007.07.27 13:00:00 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\@
[2007.07.27 13:00:00 | 000,002,048 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\@
[2010.05.05 18:34:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Gutscheinmieze
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Wutzkopp · 11.06.2012, 17:21

Hallo melde mich zurück^^
Hat alles so funktioniert wie beschrieben.

Code:

ATTFilter

All processes killed
========== OTL ==========
C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\xiwo6i1u.default\searchplugins\icqplugin.xml moved successfully.
C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\xiwo6i1u.default\searchplugins\qipsearch.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}\ not found.
Registry value HKEY_USERS\S-1-5-21-1645522239-1417001333-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1645522239-1417001333-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}\ not found.
Registry value HKEY_USERS\S-1-5-21-1645522239-1417001333-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UnlockerAssistant deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1645522239-1417001333-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
File  not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e189ce72-aa14-11df-b957-00138f631573}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e189ce72-aa14-11df-b957-00138f631573}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e189ce72-aa14-11df-b957-00138f631573}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e189ce72-aa14-11df-b957-00138f631573}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e189ce72-aa14-11df-b957-00138f631573}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e189ce72-aa14-11df-b957-00138f631573}\ not found.
File G:\Install.exe not found.
C:\WINDOWS\PIF folder moved successfully.
C:\WINDOWS\System32\01040\components folder moved successfully.
C:\WINDOWS\System32\01040 folder moved successfully.
C:\WINDOWS\system32\blckdom.res moved successfully.
File move failed. C:\WINDOWS\system32\drivers\6baf4cf4c6102155.sys scheduled to be moved on reboot.
C:\WINDOWS\System32\xmldm folder moved successfully.
C:\WINDOWS\Installer\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\@ moved successfully.
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{1ac53c7a-ed05-275d-1316-08d039cfffbb}\@ moved successfully.
C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Gutscheinmieze folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 130105859 bytes
->Temporary Internet Files folder emptied: 145661240 bytes
->Java cache emptied: 61053 bytes
->FireFox cache emptied: 66362135 bytes
->Google Chrome cache emptied: 6434541 bytes
->Flash cache emptied: 217262 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 26608864 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 72787738 bytes
->Java cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2154807 bytes
%systemroot%\System32 .tmp files removed: 3215 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 45592 bytes
RecycleBin emptied: 984114 bytes
 
Total Files Cleaned = 431,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
Total Flash Files Cleaned = 0,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.48.0 log created on 06112012_181446

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\system32\drivers\6baf4cf4c6102155.sys scheduled to be moved on reboot.

Registry entries deleted on Reboot...

danke^^

cosinus · 11.06.2012, 20:25

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Wutzkopp · 12.06.2012, 16:42

Und Täglich grüßt das Murmeltier^^

hier mien TDSS Log:

Code:

ATTFilter

17:37:46.0875 2852	TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
17:37:47.0046 2852	============================================================
17:37:47.0046 2852	Current date / time: 2012/06/12 17:37:47.0046
17:37:47.0046 2852	SystemInfo:
17:37:47.0046 2852	
17:37:47.0046 2852	OS Version: 5.1.2600 ServicePack: 3.0
17:37:47.0046 2852	Product type: Workstation
17:37:47.0046 2852	ComputerName: STATION015
17:37:47.0046 2852	UserName: Administrator
17:37:47.0046 2852	Windows directory: C:\WINDOWS
17:37:47.0046 2852	System windows directory: C:\WINDOWS
17:37:47.0046 2852	Processor architecture: Intel x86
17:37:47.0046 2852	Number of processors: 1
17:37:47.0046 2852	Page size: 0x1000
17:37:47.0046 2852	Boot type: Normal boot
17:37:47.0046 2852	============================================================
17:37:51.0359 2852	!crdlk
17:37:51.0375 2852	Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
17:37:51.0375 2852	============================================================
17:37:51.0375 2852	\Device\Harddisk0\DR0:
17:37:51.0375 2852	MBR partitions:
17:37:51.0375 2852	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
17:37:51.0375 2852	============================================================
17:37:51.0421 2852	C: <-> \Device\Harddisk0\DR0\Partition0
17:37:51.0421 2852	============================================================
17:37:51.0421 2852	Initialize success
17:37:51.0421 2852	============================================================
17:38:04.0796 3876	============================================================
17:38:04.0796 3876	Scan started
17:38:04.0796 3876	Mode: Manual; SigCheck; TDLFS; 
17:38:04.0796 3876	============================================================
17:38:04.0937 3876	Suspicious service (NoAccess): 6baf4cf4c6102155
17:38:05.0078 3876	6baf4cf4c6102155 (1fb5b5f1e8ee11c948c0389ede1f8e8e) C:\WINDOWS\System32\Drivers\6baf4cf4c6102155.sys
17:38:05.0078 3876	Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\6baf4cf4c6102155.sys. md5: 1fb5b5f1e8ee11c948c0389ede1f8e8e
17:38:05.0093 3876	6baf4cf4c6102155 ( LockedService.Multi.Generic ) - warning
17:38:05.0093 3876	6baf4cf4c6102155 - detected LockedService.Multi.Generic (1)
17:38:05.0109 3876	Abiosdsk - ok
17:38:05.0140 3876	abp480n5 - ok
17:38:05.0218 3876	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:38:06.0421 3876	ACPI - ok
17:38:06.0484 3876	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:38:06.0625 3876	ACPIEC - ok
17:38:06.0640 3876	adfs - ok
17:38:06.0718 3876	Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
17:38:06.0734 3876	Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
17:38:06.0734 3876	Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
17:38:06.0750 3876	adpu160m - ok
17:38:06.0781 3876	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:38:06.0921 3876	aec - ok
17:38:06.0968 3876	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:38:07.0031 3876	AFD - ok
17:38:07.0046 3876	Aha154x - ok
17:38:07.0062 3876	aic78u2 - ok
17:38:07.0078 3876	aic78xx - ok
17:38:07.0250 3876	ALCXWDM         (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
17:38:07.0453 3876	ALCXWDM - ok
17:38:07.0609 3876	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
17:38:07.0718 3876	Alerter - ok
17:38:07.0734 3876	ALG - ok
17:38:07.0750 3876	AliIde - ok
17:38:07.0765 3876	AmdK8           (769844eb65df6a62aa51b886290fe51d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:38:07.0781 3876	AmdK8 - ok
17:38:07.0796 3876	amdtools - ok
17:38:07.0812 3876	amsint - ok
17:38:07.0859 3876	AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
17:38:07.0968 3876	AppMgmt - ok
17:38:07.0984 3876	asc - ok
17:38:08.0000 3876	asc3350p - ok
17:38:08.0015 3876	asc3550 - ok
17:38:08.0109 3876	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:38:08.0125 3876	aspnet_state - ok
17:38:08.0156 3876	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:38:08.0265 3876	AsyncMac - ok
17:38:08.0296 3876	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:38:08.0406 3876	atapi - ok
17:38:08.0421 3876	Atdisk - ok
17:38:08.0453 3876	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:38:08.0562 3876	Atmarpc - ok
17:38:08.0609 3876	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
17:38:08.0734 3876	AudioSrv - ok
17:38:08.0781 3876	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:38:08.0906 3876	audstub - ok
17:38:08.0953 3876	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:38:09.0093 3876	Beep - ok
17:38:09.0140 3876	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
17:38:09.0281 3876	BITS - ok
17:38:09.0312 3876	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
17:38:09.0437 3876	Browser - ok
17:38:09.0468 3876	BTCAMDRV        (62506a32d1f1878655dc3de3dfd1cff2) C:\WINDOWS\system32\DRIVERS\BTCamDrv.sys
17:38:09.0500 3876	BTCAMDRV ( UnsignedFile.Multi.Generic ) - warning
17:38:09.0500 3876	BTCAMDRV - detected UnsignedFile.Multi.Generic (1)
17:38:09.0531 3876	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:38:09.0671 3876	cbidf2k - ok
17:38:09.0703 3876	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:38:09.0796 3876	CCDECODE - ok
17:38:09.0812 3876	cd20xrnt - ok
17:38:09.0843 3876	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:38:09.0984 3876	Cdaudio - ok
17:38:10.0031 3876	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:38:10.0125 3876	Cdfs - ok
17:38:10.0156 3876	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:38:10.0281 3876	Cdrom - ok
17:38:10.0296 3876	Changer - ok
17:38:10.0328 3876	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
17:38:10.0453 3876	CiSvc - ok
17:38:10.0468 3876	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
17:38:10.0578 3876	ClipSrv - ok
17:38:10.0609 3876	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:38:10.0625 3876	clr_optimization_v2.0.50727_32 - ok
17:38:10.0640 3876	CmdIde - ok
17:38:10.0656 3876	COMSysApp - ok
17:38:10.0671 3876	Cpqarray - ok
17:38:10.0718 3876	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
17:38:10.0828 3876	CryptSvc - ok
17:38:10.0843 3876	dac2w2k - ok
17:38:10.0859 3876	dac960nt - ok
17:38:10.0921 3876	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:38:10.0984 3876	DcomLaunch - ok
17:38:11.0031 3876	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
17:38:11.0156 3876	Dhcp - ok
17:38:11.0187 3876	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:38:11.0328 3876	Disk - ok
17:38:11.0343 3876	dmadmin - ok
17:38:11.0406 3876	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
17:38:11.0562 3876	dmboot - ok
17:38:11.0593 3876	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
17:38:11.0734 3876	dmio - ok
17:38:11.0750 3876	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:38:11.0875 3876	dmload - ok
17:38:11.0921 3876	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
17:38:12.0046 3876	dmserver - ok
17:38:12.0078 3876	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:38:12.0203 3876	DMusic - ok
17:38:12.0234 3876	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
17:38:12.0296 3876	Dnscache - ok
17:38:12.0359 3876	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
17:38:12.0468 3876	Dot3svc - ok
17:38:12.0484 3876	dpti2o - ok
17:38:12.0531 3876	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:38:12.0625 3876	drmkaud - ok
17:38:12.0656 3876	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
17:38:12.0781 3876	EapHost - ok
17:38:12.0828 3876	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
17:38:12.0921 3876	ERSvc - ok
17:38:12.0984 3876	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:38:13.0031 3876	Eventlog - ok
17:38:13.0078 3876	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
17:38:13.0109 3876	EventSystem - ok
17:38:13.0140 3876	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:38:13.0265 3876	Fastfat - ok
17:38:13.0312 3876	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:38:13.0359 3876	FastUserSwitchingCompatibility - ok
17:38:13.0406 3876	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:38:13.0500 3876	Fdc - ok
17:38:13.0531 3876	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
17:38:13.0640 3876	Fips - ok
17:38:13.0671 3876	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:38:13.0812 3876	Flpydisk - ok
17:38:13.0843 3876	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:38:13.0953 3876	FltMgr - ok
17:38:14.0046 3876	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:38:14.0062 3876	FontCache3.0.0.0 - ok
17:38:14.0078 3876	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:38:14.0218 3876	Fs_Rec - ok
17:38:14.0250 3876	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:38:14.0406 3876	Ftdisk - ok
17:38:14.0421 3876	gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:38:14.0531 3876	gameenum - ok
17:38:14.0578 3876	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:38:14.0703 3876	Gpc - ok
17:38:14.0781 3876	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:38:14.0890 3876	helpsvc - ok
17:38:14.0921 3876	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
17:38:15.0046 3876	HidServ - ok
17:38:15.0078 3876	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:38:15.0187 3876	hidusb - ok
17:38:15.0218 3876	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
17:38:15.0343 3876	hkmsvc - ok
17:38:15.0359 3876	hpn - ok
17:38:15.0421 3876	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:38:15.0468 3876	HTTP - ok
17:38:15.0500 3876	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
17:38:15.0625 3876	HTTPFilter - ok
17:38:15.0640 3876	i2omgmt - ok
17:38:15.0656 3876	i2omp - ok
17:38:15.0687 3876	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:38:15.0812 3876	i8042prt - ok
17:38:15.0906 3876	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:38:15.0953 3876	idsvc - ok
17:38:16.0015 3876	IFP1000         (7d19431e613a70262e5586fa76bb29f0) C:\WINDOWS\system32\drivers\ifp1000.sys
17:38:16.0031 3876	IFP1000 ( UnsignedFile.Multi.Generic ) - warning
17:38:16.0031 3876	IFP1000 - detected UnsignedFile.Multi.Generic (1)
17:38:16.0078 3876	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:38:16.0203 3876	Imapi - ok
17:38:16.0250 3876	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
17:38:16.0375 3876	ImapiService - ok
17:38:16.0390 3876	ini910u - ok
17:38:16.0406 3876	IntelIde - ok
17:38:16.0437 3876	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:38:16.0546 3876	Ip6Fw - ok
17:38:16.0578 3876	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:38:16.0703 3876	IpFilterDriver - ok
17:38:16.0734 3876	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:38:16.0843 3876	IpInIp - ok
17:38:16.0875 3876	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:38:17.0000 3876	IpNat - ok
17:38:17.0031 3876	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:38:17.0156 3876	IPSec - ok
17:38:17.0187 3876	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:38:17.0296 3876	IRENUM - ok
17:38:17.0328 3876	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:38:17.0453 3876	isapnp - ok
17:38:17.0531 3876	JavaQuickStarterService (39133291cb607bdd87cfc565a4a1e7a5) C:\Programme\Java\jre6\bin\jqs.exe
17:38:17.0546 3876	JavaQuickStarterService - ok
17:38:17.0562 3876	JL2005 - ok
17:38:17.0578 3876	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:38:17.0703 3876	Kbdclass - ok
17:38:17.0734 3876	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:38:17.0843 3876	kbdhid - ok
17:38:17.0859 3876	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:38:17.0984 3876	kmixer - ok
17:38:18.0015 3876	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:38:18.0062 3876	KSecDD - ok
17:38:18.0093 3876	lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
17:38:18.0140 3876	lanmanserver - ok
17:38:18.0187 3876	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
17:38:18.0218 3876	lanmanworkstation - ok
17:38:18.0234 3876	lbrtfdc - ok
17:38:18.0281 3876	LGBusEnum       (4d29522a2c0ac9847fb2e628ba067583) C:\WINDOWS\system32\drivers\LGBusEnum.sys
17:38:18.0328 3876	LGBusEnum - ok
17:38:18.0375 3876	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
17:38:18.0484 3876	LmHosts - ok
17:38:18.0531 3876	m4cxw2k3        (3b1ad8ef095368ef02cadc7fcf0b8ac5) C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys
17:38:18.0562 3876	m4cxw2k3 - ok
17:38:18.0640 3876	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
17:38:18.0656 3876	MBAMProtector - ok
17:38:18.0703 3876	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:38:18.0734 3876	MBAMService - ok
17:38:18.0812 3876	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
17:38:18.0937 3876	Messenger - ok
17:38:18.0984 3876	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:38:19.0125 3876	mnmdd - ok
17:38:19.0156 3876	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
17:38:19.0265 3876	mnmsrvc - ok
17:38:19.0281 3876	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
17:38:19.0390 3876	Modem - ok
17:38:19.0437 3876	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:38:19.0562 3876	Mouclass - ok
17:38:19.0593 3876	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:38:19.0734 3876	mouhid - ok
17:38:19.0781 3876	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:38:19.0921 3876	MountMgr - ok
17:38:19.0937 3876	mraid35x - ok
17:38:19.0984 3876	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:38:20.0109 3876	MRxDAV - ok
17:38:20.0171 3876	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:38:20.0218 3876	MRxSmb - ok
17:38:20.0250 3876	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
17:38:20.0359 3876	MSDTC - ok
17:38:20.0390 3876	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:38:20.0531 3876	Msfs - ok
17:38:20.0546 3876	MSIServer - ok
17:38:20.0578 3876	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:38:20.0687 3876	MSKSSRV - ok
17:38:20.0703 3876	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:38:20.0812 3876	MSPCLOCK - ok
17:38:20.0828 3876	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:38:20.0937 3876	MSPQM - ok
17:38:20.0984 3876	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:38:21.0093 3876	mssmbios - ok
17:38:21.0140 3876	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:38:21.0234 3876	MSTEE - ok
17:38:21.0281 3876	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:38:21.0312 3876	Mup - ok
17:38:21.0343 3876	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:38:21.0453 3876	NABTSFEC - ok
17:38:21.0500 3876	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
17:38:21.0609 3876	napagent - ok
17:38:21.0656 3876	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:38:21.0750 3876	NDIS - ok
17:38:21.0781 3876	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:38:21.0875 3876	NdisIP - ok
17:38:21.0906 3876	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:38:21.0953 3876	NdisTapi - ok
17:38:22.0000 3876	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:38:22.0125 3876	Ndisuio - ok
17:38:22.0140 3876	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:38:22.0250 3876	NdisWan - ok
17:38:22.0296 3876	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:38:22.0328 3876	NDProxy - ok
17:38:22.0375 3876	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:38:22.0468 3876	NetBIOS - ok
17:38:22.0484 3876	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:38:22.0609 3876	NetBT - ok
17:38:22.0656 3876	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:38:22.0765 3876	NetDDE - ok
17:38:22.0781 3876	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:38:22.0890 3876	NetDDEdsdm - ok
17:38:22.0921 3876	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:38:23.0015 3876	Netlogon - ok
17:38:23.0046 3876	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
17:38:23.0171 3876	Netman - ok
17:38:23.0265 3876	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:38:23.0281 3876	NetTcpPortSharing - ok
17:38:23.0328 3876	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
17:38:23.0359 3876	Nla - ok
17:38:23.0390 3876	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:38:23.0484 3876	Npfs - ok
17:38:23.0546 3876	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:38:23.0671 3876	Ntfs - ok
17:38:23.0687 3876	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:38:23.0781 3876	NtLmSsp - ok
17:38:23.0843 3876	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
17:38:23.0953 3876	NtmsSvc - ok
17:38:23.0984 3876	NuidFltr        (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
17:38:24.0000 3876	NuidFltr - ok
17:38:24.0031 3876	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:38:24.0171 3876	Null - ok
17:38:24.0468 3876	nv              (70cb8915895ccb92ddf23ce890c4f5be) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:38:24.0671 3876	nv - ok
17:38:24.0812 3876	NVENETFD        (2a7a2c6ab9631028b6e3a4159aa65705) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
17:38:24.0843 3876	NVENETFD - ok
17:38:24.0875 3876	nvnetbus        (20526a8827dc0956b5526aebcb6751a0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
17:38:24.0906 3876	nvnetbus - ok
17:38:24.0953 3876	NVSvc           (f96df45cfbdc670584293e03c2ab602a) C:\WINDOWS\system32\nvsvc32.exe
17:38:24.0968 3876	NVSvc - ok
17:38:25.0015 3876	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:38:25.0171 3876	NwlnkFlt - ok
17:38:25.0187 3876	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:38:25.0343 3876	NwlnkFwd - ok
17:38:25.0421 3876	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
17:38:25.0531 3876	Parport - ok
17:38:25.0562 3876	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:38:25.0671 3876	PartMgr - ok
17:38:25.0703 3876	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
17:38:25.0843 3876	ParVdm - ok
17:38:25.0859 3876	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
17:38:25.0968 3876	PCI - ok
17:38:25.0984 3876	PCIDump - ok
17:38:26.0015 3876	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:38:26.0156 3876	PCIIde - ok
17:38:26.0203 3876	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:38:26.0296 3876	Pcmcia - ok
17:38:26.0312 3876	PDCOMP - ok
17:38:26.0328 3876	PDFRAME - ok
17:38:26.0343 3876	PDRELI - ok
17:38:26.0359 3876	PDRFRAME - ok
17:38:26.0375 3876	perc2 - ok
17:38:26.0390 3876	perc2hib - ok
17:38:26.0484 3876	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:38:26.0484 3876	PlugPlay - ok
17:38:26.0515 3876	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:38:26.0609 3876	PolicyAgent - ok
17:38:26.0656 3876	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:38:26.0765 3876	PptpMiniport - ok
17:38:26.0796 3876	Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
17:38:26.0906 3876	Processor - ok
17:38:26.0921 3876	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:38:27.0015 3876	ProtectedStorage - ok
17:38:27.0093 3876	ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
17:38:27.0125 3876	ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
17:38:27.0125 3876	ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
17:38:27.0156 3876	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:38:27.0265 3876	PSched - ok
17:38:27.0312 3876	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:38:27.0484 3876	Ptilink - ok
17:38:27.0531 3876	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:38:27.0531 3876	PxHelp20 - ok
17:38:27.0562 3876	ql1080 - ok
17:38:27.0578 3876	Ql10wnt - ok
17:38:27.0593 3876	ql12160 - ok
17:38:27.0609 3876	ql1240 - ok
17:38:27.0625 3876	ql1280 - ok
17:38:27.0640 3876	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:38:27.0796 3876	RasAcd - ok
17:38:27.0828 3876	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
17:38:27.0937 3876	RasAuto - ok
17:38:27.0968 3876	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:38:28.0078 3876	Rasl2tp - ok
17:38:28.0125 3876	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
17:38:28.0250 3876	RasMan - ok
17:38:28.0265 3876	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:38:28.0375 3876	RasPppoe - ok
17:38:28.0406 3876	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:38:28.0562 3876	Raspti - ok
17:38:28.0609 3876	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:38:28.0703 3876	Rdbss - ok
17:38:28.0718 3876	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:38:28.0859 3876	RDPCDD - ok
17:38:28.0890 3876	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:38:29.0000 3876	rdpdr - ok
17:38:29.0062 3876	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:38:29.0093 3876	RDPWD - ok
17:38:29.0125 3876	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
17:38:29.0234 3876	RDSessMgr - ok
17:38:29.0265 3876	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:38:29.0375 3876	redbook - ok
17:38:29.0406 3876	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
17:38:29.0515 3876	RemoteAccess - ok
17:38:29.0562 3876	RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
17:38:29.0656 3876	RemoteRegistry - ok
17:38:29.0687 3876	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
17:38:29.0796 3876	RpcLocator - ok
17:38:29.0859 3876	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:38:29.0875 3876	RpcSs - ok
17:38:29.0921 3876	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
17:38:30.0078 3876	RSVP - ok
17:38:30.0109 3876	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:38:30.0203 3876	SamSs - ok
17:38:30.0250 3876	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
17:38:30.0359 3876	SCardSvr - ok
17:38:30.0406 3876	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
17:38:30.0515 3876	Schedule - ok
17:38:30.0562 3876	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:38:30.0656 3876	Secdrv - ok
17:38:30.0671 3876	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
17:38:30.0765 3876	seclogon - ok
17:38:30.0812 3876	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
17:38:30.0921 3876	SENS - ok
17:38:30.0953 3876	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:38:31.0062 3876	serenum - ok
17:38:31.0093 3876	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
17:38:31.0203 3876	Serial - ok
17:38:31.0265 3876	sfdrv01         (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
17:38:31.0296 3876	sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
17:38:31.0296 3876	sfdrv01 - detected UnsignedFile.Multi.Generic (1)
17:38:31.0312 3876	sfhlp02         (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
17:38:31.0312 3876	sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
17:38:31.0312 3876	sfhlp02 - detected UnsignedFile.Multi.Generic (1)
17:38:31.0343 3876	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:38:31.0453 3876	Sfloppy - ok
17:38:31.0484 3876	sfsync02        (efebbc1d13fdb77a6af4eddfc7232edf) C:\WINDOWS\system32\drivers\sfsync02.sys
17:38:31.0484 3876	sfsync02 ( UnsignedFile.Multi.Generic ) - warning
17:38:31.0484 3876	sfsync02 - detected UnsignedFile.Multi.Generic (1)
17:38:31.0515 3876	sfvfs02         (4edf98028a05263b515b17b3e7b52509) C:\WINDOWS\system32\drivers\sfvfs02.sys
17:38:31.0515 3876	sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
17:38:31.0515 3876	sfvfs02 - detected UnsignedFile.Multi.Generic (1)
17:38:31.0593 3876	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:38:31.0625 3876	ShellHWDetection - ok
17:38:31.0640 3876	Simbad - ok
17:38:31.0671 3876	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:38:31.0781 3876	SLIP - ok
17:38:31.0796 3876	Sparrow - ok
17:38:31.0828 3876	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:38:31.0937 3876	splitter - ok
17:38:31.0984 3876	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:38:32.0031 3876	Spooler - ok
17:38:32.0109 3876	sptd            (614deea4bdcec3fd5a07bdc705723ad7) C:\WINDOWS\System32\Drivers\sptd.sys
17:38:32.0125 3876	sptd - ok
17:38:32.0156 3876	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
17:38:32.0265 3876	sr - ok
17:38:32.0328 3876	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
17:38:32.0437 3876	srservice - ok
17:38:32.0484 3876	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:38:32.0546 3876	Srv - ok
17:38:32.0578 3876	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
17:38:32.0703 3876	SSDPSRV - ok
17:38:32.0734 3876	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
17:38:32.0875 3876	stisvc - ok
17:38:32.0906 3876	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:38:33.0015 3876	streamip - ok
17:38:33.0046 3876	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:38:33.0171 3876	swenum - ok
17:38:33.0296 3876	SwitchBoard     (f577910a133a592234ebaad3f3afa258) C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe
17:38:33.0312 3876	SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
17:38:33.0312 3876	SwitchBoard - detected UnsignedFile.Multi.Generic (1)
17:38:33.0359 3876	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:38:33.0468 3876	swmidi - ok
17:38:33.0484 3876	SwPrv - ok
17:38:33.0500 3876	symc810 - ok
17:38:33.0515 3876	symc8xx - ok
17:38:33.0531 3876	sym_hi - ok
17:38:33.0546 3876	sym_u3 - ok
17:38:33.0562 3876	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:38:33.0671 3876	sysaudio - ok
17:38:33.0703 3876	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
17:38:33.0812 3876	SysmonLog - ok
17:38:33.0859 3876	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
17:38:33.0968 3876	TapiSrv - ok
17:38:34.0031 3876	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:38:34.0062 3876	Tcpip - ok
17:38:34.0093 3876	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:38:34.0203 3876	TDPIPE - ok
17:38:34.0234 3876	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:38:34.0343 3876	TDTCP - ok
17:38:34.0390 3876	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:38:34.0484 3876	TermDD - ok
17:38:34.0546 3876	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
17:38:34.0671 3876	TermService - ok
17:38:34.0718 3876	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:38:34.0734 3876	Themes - ok
17:38:34.0781 3876	TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
17:38:34.0875 3876	TlntSvr - ok
17:38:34.0890 3876	TosIde - ok
17:38:34.0937 3876	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
17:38:35.0046 3876	TrkWks - ok
17:38:35.0109 3876	TuneUp.Defrag   (6a29cd69d1128bdf49a705befc614a5b) C:\WINDOWS\System32\TuneUpDefragService.exe
17:38:35.0125 3876	TuneUp.Defrag - ok
17:38:35.0203 3876	TuneUp.ProgramStatisticsSvc (51ee2913ed525de18fda96dccbc5386a) C:\WINDOWS\System32\TUProgSt.exe
17:38:35.0250 3876	TuneUp.ProgramStatisticsSvc - ok
17:38:35.0281 3876	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:38:35.0390 3876	Udfs - ok
17:38:35.0421 3876	ultra - ok
17:38:35.0468 3876	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:38:35.0578 3876	Update - ok
17:38:35.0625 3876	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
17:38:35.0734 3876	upnphost - ok
17:38:35.0765 3876	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
17:38:35.0875 3876	UPS - ok
17:38:35.0921 3876	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:38:36.0015 3876	usbccgp - ok
17:38:36.0046 3876	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:38:36.0156 3876	usbehci - ok
17:38:36.0171 3876	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:38:36.0281 3876	usbhub - ok
17:38:36.0312 3876	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:38:36.0406 3876	usbohci - ok
17:38:36.0468 3876	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:38:36.0578 3876	usbprint - ok
17:38:36.0625 3876	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:38:36.0734 3876	usbscan - ok
17:38:36.0750 3876	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:38:36.0859 3876	USBSTOR - ok
17:38:36.0906 3876	UxTuneUp        (2e2e93041c8058bc7de6f0d743c4a0c6) C:\WINDOWS\System32\uxtuneup.dll
17:38:36.0921 3876	UxTuneUp - ok
17:38:36.0953 3876	VClone          (94d73b62e458fb56c9ce60aa96d914f9) C:\WINDOWS\system32\DRIVERS\VClone.sys
17:38:36.0968 3876	VClone ( UnsignedFile.Multi.Generic ) - warning
17:38:36.0968 3876	VClone - detected UnsignedFile.Multi.Generic (1)
17:38:37.0000 3876	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:38:37.0109 3876	VgaSave - ok
17:38:37.0125 3876	ViaIde - ok
17:38:37.0171 3876	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
17:38:37.0281 3876	VolSnap - ok
17:38:37.0328 3876	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
17:38:37.0437 3876	VSS - ok
17:38:37.0484 3876	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
17:38:37.0640 3876	W32Time - ok
17:38:37.0703 3876	W8335XP         (f0bdc2b474e26117ee77bfdba051fb3c) C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys
17:38:37.0734 3876	W8335XP ( UnsignedFile.Multi.Generic ) - warning
17:38:37.0734 3876	W8335XP - detected UnsignedFile.Multi.Generic (1)
17:38:37.0781 3876	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:38:37.0890 3876	Wanarp - ok
17:38:37.0953 3876	Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:38:37.0984 3876	Wdf01000 - ok
17:38:38.0000 3876	WDICA - ok
17:38:38.0031 3876	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:38:38.0140 3876	wdmaud - ok
17:38:38.0203 3876	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
17:38:38.0296 3876	WebClient - ok
17:38:38.0390 3876	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:38:38.0500 3876	winmgmt - ok
17:38:38.0562 3876	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:38:38.0609 3876	WmdmPmSN - ok
17:38:38.0687 3876	Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
17:38:38.0750 3876	Wmi - ok
17:38:38.0812 3876	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:38:38.0921 3876	WmiApSrv - ok
17:38:39.0062 3876	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
17:38:39.0125 3876	WMPNetworkSvc - ok
17:38:39.0187 3876	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:38:39.0203 3876	WpdUsb - ok
17:38:39.0234 3876	WSearch - ok
17:38:39.0281 3876	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:38:39.0390 3876	WSTCODEC - ok
17:38:39.0421 3876	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
17:38:39.0546 3876	wuauserv - ok
17:38:39.0593 3876	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:38:39.0640 3876	WudfPf - ok
17:38:39.0656 3876	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:38:39.0687 3876	WudfRd - ok
17:38:39.0718 3876	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:38:39.0734 3876	WudfSvc - ok
17:38:39.0812 3876	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
17:38:39.0937 3876	WZCSVC - ok
17:38:39.0968 3876	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
17:38:40.0109 3876	xmlprov - ok
17:38:40.0156 3876	yukonwxp        (4322c32ced8c4772e039616dcbf01d3f) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
17:38:40.0187 3876	yukonwxp - ok
17:38:40.0265 3876	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:38:40.0656 3876	\Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:38:40.0656 3876	\Device\Harddisk0\DR0 - detected TDSS File System (1)
17:38:40.0687 3876	Boot (0x1200)   (92e74aedc387388a88143fc171643b26) \Device\Harddisk0\DR0\Partition0
17:38:40.0687 3876	\Device\Harddisk0\DR0\Partition0 - ok
17:38:40.0687 3876	============================================================
17:38:40.0687 3876	Scan finished
17:38:40.0687 3876	============================================================
17:38:40.0828 3652	Detected object count: 13
17:38:40.0828 3652	Actual detected object count: 13
17:39:52.0046 3652	6baf4cf4c6102155 ( LockedService.Multi.Generic ) - skipped by user
17:39:52.0046 3652	6baf4cf4c6102155 ( LockedService.Multi.Generic ) - User select action: Skip 
17:39:52.0046 3652	Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0046 3652	Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0046 3652	BTCAMDRV ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0046 3652	BTCAMDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0046 3652	IFP1000 ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0046 3652	IFP1000 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0046 3652	ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0046 3652	ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0046 3652	sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0046 3652	sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0062 3652	sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0062 3652	sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0062 3652	sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0062 3652	sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0062 3652	sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0062 3652	sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0062 3652	SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0062 3652	SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0062 3652	VClone ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0062 3652	VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0062 3652	W8335XP ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:52.0062 3652	W8335XP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:52.0062 3652	\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:39:52.0062 3652	\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Vielen Dank^^

cosinus · 12.06.2012, 21:40

Zitat:

6baf4cf4c6102155 ( LockedService.Multi.Generic ) - skipped by user
\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

Diese beiden Einträge mit dem TDSS-Killer bitte entfernen lassen. (cure bzw. delete)
Starte Windows danach neu und mach ein neues Log mit dem TDSS-Killer

Wutzkopp · 13.06.2012, 17:25

Hallo^^
Sieht gut aus er scheint nichts gefunden zu haben, ausserdem hat der TDSS-Killer vor dem entfernen der 2 Einträge beim starten immer die Meldung "Cannot Load Driver" angezeigt, das macht er jetzt nicht mehr.

lG und vielen dank^^

Log:

Code:

ATTFilter

18:15:28.0156 0656	TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
18:15:28.0296 0656	============================================================
18:15:28.0296 0656	Current date / time: 2012/06/13 18:15:28.0296
18:15:28.0296 0656	SystemInfo:
18:15:28.0296 0656	
18:15:28.0296 0656	OS Version: 5.1.2600 ServicePack: 3.0
18:15:28.0296 0656	Product type: Workstation
18:15:28.0296 0656	ComputerName: STATION015
18:15:28.0296 0656	UserName: Administrator
18:15:28.0296 0656	Windows directory: C:\WINDOWS
18:15:28.0296 0656	System windows directory: C:\WINDOWS
18:15:28.0296 0656	Processor architecture: Intel x86
18:15:28.0296 0656	Number of processors: 1
18:15:28.0296 0656	Page size: 0x1000
18:15:28.0296 0656	Boot type: Normal boot
18:15:28.0296 0656	============================================================
18:15:29.0734 0656	Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:15:29.0734 0656	============================================================
18:15:29.0734 0656	\Device\Harddisk0\DR0:
18:15:29.0734 0656	MBR partitions:
18:15:29.0734 0656	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
18:15:29.0734 0656	============================================================
18:15:29.0765 0656	C: <-> \Device\Harddisk0\DR0\Partition0
18:15:29.0765 0656	============================================================
18:15:29.0765 0656	Initialize success
18:15:29.0765 0656	============================================================
18:15:35.0812 2772	============================================================
18:15:35.0812 2772	Scan started
18:15:35.0812 2772	Mode: Manual; 
18:15:35.0812 2772	============================================================
18:15:37.0671 2772	Abiosdsk - ok
18:15:37.0687 2772	abp480n5 - ok
18:15:37.0750 2772	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:15:37.0750 2772	ACPI - ok
18:15:37.0781 2772	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:15:37.0781 2772	ACPIEC - ok
18:15:37.0796 2772	adfs - ok
18:15:37.0875 2772	Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
18:15:37.0875 2772	Adobe LM Service - ok
18:15:37.0890 2772	adpu160m - ok
18:15:37.0921 2772	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:15:37.0921 2772	aec - ok
18:15:37.0968 2772	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:15:37.0968 2772	AFD - ok
18:15:37.0984 2772	Aha154x - ok
18:15:38.0000 2772	aic78u2 - ok
18:15:38.0000 2772	aic78xx - ok
18:15:38.0156 2772	ALCXWDM         (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
18:15:38.0203 2772	ALCXWDM - ok
18:15:38.0328 2772	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
18:15:38.0328 2772	Alerter - ok
18:15:38.0343 2772	ALG - ok
18:15:38.0343 2772	AliIde - ok
18:15:38.0375 2772	AmdK8           (769844eb65df6a62aa51b886290fe51d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
18:15:38.0375 2772	AmdK8 - ok
18:15:38.0390 2772	amdtools - ok
18:15:38.0406 2772	amsint - ok
18:15:38.0437 2772	AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
18:15:38.0453 2772	AppMgmt - ok
18:15:38.0453 2772	asc - ok
18:15:38.0468 2772	asc3350p - ok
18:15:38.0468 2772	asc3550 - ok
18:15:38.0515 2772	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:15:38.0515 2772	aspnet_state - ok
18:15:38.0546 2772	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:15:38.0546 2772	AsyncMac - ok
18:15:38.0578 2772	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:15:38.0578 2772	atapi - ok
18:15:38.0593 2772	Atdisk - ok
18:15:38.0625 2772	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:15:38.0625 2772	Atmarpc - ok
18:15:38.0687 2772	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
18:15:38.0687 2772	AudioSrv - ok
18:15:38.0718 2772	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:15:38.0718 2772	audstub - ok
18:15:38.0796 2772	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:15:38.0796 2772	Beep - ok
18:15:38.0843 2772	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
18:15:38.0875 2772	BITS - ok
18:15:38.0906 2772	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
18:15:38.0906 2772	Browser - ok
18:15:38.0953 2772	BTCAMDRV        (62506a32d1f1878655dc3de3dfd1cff2) C:\WINDOWS\system32\DRIVERS\BTCamDrv.sys
18:15:38.0968 2772	BTCAMDRV - ok
18:15:38.0984 2772	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:15:38.0984 2772	cbidf2k - ok
18:15:39.0000 2772	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:15:39.0000 2772	CCDECODE - ok
18:15:39.0015 2772	cd20xrnt - ok
18:15:39.0046 2772	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:15:39.0046 2772	Cdaudio - ok
18:15:39.0078 2772	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:15:39.0078 2772	Cdfs - ok
18:15:39.0125 2772	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:15:39.0125 2772	Cdrom - ok
18:15:39.0125 2772	Changer - ok
18:15:39.0156 2772	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
18:15:39.0156 2772	CiSvc - ok
18:15:39.0187 2772	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
18:15:39.0187 2772	ClipSrv - ok
18:15:39.0218 2772	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:15:39.0218 2772	clr_optimization_v2.0.50727_32 - ok
18:15:39.0234 2772	CmdIde - ok
18:15:39.0234 2772	COMSysApp - ok
18:15:39.0250 2772	Cpqarray - ok
18:15:39.0281 2772	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
18:15:39.0281 2772	CryptSvc - ok
18:15:39.0296 2772	dac2w2k - ok
18:15:39.0312 2772	dac960nt - ok
18:15:39.0375 2772	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
18:15:39.0375 2772	DcomLaunch - ok
18:15:39.0421 2772	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
18:15:39.0437 2772	Dhcp - ok
18:15:39.0453 2772	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:15:39.0453 2772	Disk - ok
18:15:39.0453 2772	dmadmin - ok
18:15:39.0531 2772	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
18:15:39.0546 2772	dmboot - ok
18:15:39.0562 2772	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
18:15:39.0562 2772	dmio - ok
18:15:39.0593 2772	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:15:39.0593 2772	dmload - ok
18:15:39.0609 2772	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
18:15:39.0609 2772	dmserver - ok
18:15:39.0640 2772	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:15:39.0640 2772	DMusic - ok
18:15:39.0671 2772	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
18:15:39.0671 2772	Dnscache - ok
18:15:39.0734 2772	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
18:15:39.0734 2772	Dot3svc - ok
18:15:39.0750 2772	dpti2o - ok
18:15:39.0765 2772	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:15:39.0765 2772	drmkaud - ok
18:15:39.0796 2772	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
18:15:39.0796 2772	EapHost - ok
18:15:39.0828 2772	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
18:15:39.0828 2772	ERSvc - ok
18:15:39.0859 2772	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
18:15:39.0875 2772	Eventlog - ok
18:15:39.0937 2772	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
18:15:39.0937 2772	EventSystem - ok
18:15:39.0953 2772	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:15:39.0953 2772	Fastfat - ok
18:15:40.0015 2772	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
18:15:40.0015 2772	FastUserSwitchingCompatibility - ok
18:15:40.0062 2772	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:15:40.0062 2772	Fdc - ok
18:15:40.0078 2772	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
18:15:40.0078 2772	Fips - ok
18:15:40.0093 2772	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:15:40.0093 2772	Flpydisk - ok
18:15:40.0109 2772	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
18:15:40.0109 2772	FltMgr - ok
18:15:40.0203 2772	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:15:40.0203 2772	FontCache3.0.0.0 - ok
18:15:40.0218 2772	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:15:40.0218 2772	Fs_Rec - ok
18:15:40.0234 2772	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:15:40.0234 2772	Ftdisk - ok
18:15:40.0250 2772	gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
18:15:40.0250 2772	gameenum - ok
18:15:40.0296 2772	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:15:40.0296 2772	Gpc - ok
18:15:40.0375 2772	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:15:40.0375 2772	helpsvc - ok
18:15:40.0406 2772	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
18:15:40.0406 2772	HidServ - ok
18:15:40.0437 2772	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:15:40.0437 2772	hidusb - ok
18:15:40.0468 2772	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
18:15:40.0468 2772	hkmsvc - ok
18:15:40.0484 2772	hpn - ok
18:15:40.0531 2772	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:15:40.0531 2772	HTTP - ok
18:15:40.0562 2772	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
18:15:40.0562 2772	HTTPFilter - ok
18:15:40.0562 2772	i2omgmt - ok
18:15:40.0578 2772	i2omp - ok
18:15:40.0593 2772	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:15:40.0593 2772	i8042prt - ok
18:15:40.0718 2772	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:15:40.0734 2772	idsvc - ok
18:15:40.0765 2772	IFP1000         (7d19431e613a70262e5586fa76bb29f0) C:\WINDOWS\system32\drivers\ifp1000.sys
18:15:40.0765 2772	IFP1000 - ok
18:15:40.0812 2772	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:15:40.0812 2772	Imapi - ok
18:15:40.0875 2772	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
18:15:40.0875 2772	ImapiService - ok
18:15:40.0890 2772	ini910u - ok
18:15:40.0906 2772	IntelIde - ok
18:15:40.0937 2772	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
18:15:40.0937 2772	Ip6Fw - ok
18:15:40.0953 2772	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:15:40.0953 2772	IpFilterDriver - ok
18:15:40.0968 2772	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:15:40.0968 2772	IpInIp - ok
18:15:41.0000 2772	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:15:41.0000 2772	IpNat - ok
18:15:41.0031 2772	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:15:41.0031 2772	IPSec - ok
18:15:41.0062 2772	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:15:41.0062 2772	IRENUM - ok
18:15:41.0093 2772	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:15:41.0093 2772	isapnp - ok
18:15:41.0187 2772	JavaQuickStarterService (39133291cb607bdd87cfc565a4a1e7a5) C:\Programme\Java\jre6\bin\jqs.exe
18:15:41.0187 2772	JavaQuickStarterService - ok
18:15:41.0203 2772	JL2005 - ok
18:15:41.0218 2772	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:15:41.0218 2772	Kbdclass - ok
18:15:41.0265 2772	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:15:41.0265 2772	kbdhid - ok
18:15:41.0281 2772	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:15:41.0296 2772	kmixer - ok
18:15:41.0328 2772	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:15:41.0328 2772	KSecDD - ok
18:15:41.0343 2772	lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
18:15:41.0343 2772	lanmanserver - ok
18:15:41.0390 2772	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
18:15:41.0390 2772	lanmanworkstation - ok
18:15:41.0406 2772	lbrtfdc - ok
18:15:41.0453 2772	LGBusEnum       (4d29522a2c0ac9847fb2e628ba067583) C:\WINDOWS\system32\drivers\LGBusEnum.sys
18:15:41.0453 2772	LGBusEnum - ok
18:15:41.0500 2772	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
18:15:41.0500 2772	LmHosts - ok
18:15:41.0546 2772	m4cxw2k3        (3b1ad8ef095368ef02cadc7fcf0b8ac5) C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys
18:15:41.0546 2772	m4cxw2k3 - ok
18:15:41.0593 2772	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
18:15:41.0593 2772	MBAMProtector - ok
18:15:41.0671 2772	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
18:15:41.0687 2772	MBAMService - ok
18:15:41.0703 2772	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
18:15:41.0718 2772	Messenger - ok
18:15:41.0750 2772	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:15:41.0750 2772	mnmdd - ok
18:15:41.0781 2772	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
18:15:41.0796 2772	mnmsrvc - ok
18:15:41.0828 2772	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
18:15:41.0828 2772	Modem - ok
18:15:41.0843 2772	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:15:41.0843 2772	Mouclass - ok
18:15:41.0890 2772	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:15:41.0890 2772	mouhid - ok
18:15:41.0906 2772	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:15:41.0906 2772	MountMgr - ok
18:15:41.0921 2772	mraid35x - ok
18:15:41.0953 2772	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:15:41.0953 2772	MRxDAV - ok
18:15:41.0984 2772	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:15:41.0984 2772	MRxSmb - ok
18:15:42.0015 2772	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
18:15:42.0015 2772	MSDTC - ok
18:15:42.0046 2772	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:15:42.0046 2772	Msfs - ok
18:15:42.0062 2772	MSIServer - ok
18:15:42.0093 2772	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:15:42.0093 2772	MSKSSRV - ok
18:15:42.0093 2772	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:15:42.0093 2772	MSPCLOCK - ok
18:15:42.0109 2772	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:15:42.0109 2772	MSPQM - ok
18:15:42.0125 2772	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:15:42.0125 2772	mssmbios - ok
18:15:42.0156 2772	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
18:15:42.0156 2772	MSTEE - ok
18:15:42.0171 2772	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:15:42.0187 2772	Mup - ok
18:15:42.0203 2772	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:15:42.0203 2772	NABTSFEC - ok
18:15:42.0265 2772	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
18:15:42.0281 2772	napagent - ok
18:15:42.0296 2772	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:15:42.0312 2772	NDIS - ok
18:15:42.0328 2772	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:15:42.0328 2772	NdisIP - ok
18:15:42.0390 2772	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:15:42.0390 2772	NdisTapi - ok
18:15:42.0437 2772	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:15:42.0437 2772	Ndisuio - ok
18:15:42.0453 2772	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:15:42.0453 2772	NdisWan - ok
18:15:42.0500 2772	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:15:42.0500 2772	NDProxy - ok
18:15:42.0515 2772	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:15:42.0515 2772	NetBIOS - ok
18:15:42.0531 2772	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:15:42.0531 2772	NetBT - ok
18:15:42.0578 2772	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
18:15:42.0578 2772	NetDDE - ok
18:15:42.0593 2772	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
18:15:42.0593 2772	NetDDEdsdm - ok
18:15:42.0625 2772	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:15:42.0625 2772	Netlogon - ok
18:15:42.0703 2772	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
18:15:42.0703 2772	Netman - ok
18:15:42.0812 2772	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:15:42.0812 2772	NetTcpPortSharing - ok
18:15:42.0859 2772	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
18:15:42.0875 2772	Nla - ok
18:15:42.0890 2772	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:15:42.0890 2772	Npfs - ok
18:15:42.0968 2772	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:15:42.0968 2772	Ntfs - ok
18:15:42.0984 2772	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:15:42.0984 2772	NtLmSsp - ok
18:15:43.0046 2772	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
18:15:43.0046 2772	NtmsSvc - ok
18:15:43.0078 2772	NuidFltr        (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
18:15:43.0093 2772	NuidFltr - ok
18:15:43.0125 2772	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:15:43.0125 2772	Null - ok
18:15:43.0421 2772	nv              (70cb8915895ccb92ddf23ce890c4f5be) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:15:43.0546 2772	nv - ok
18:15:43.0671 2772	NVENETFD        (2a7a2c6ab9631028b6e3a4159aa65705) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
18:15:43.0671 2772	NVENETFD - ok
18:15:43.0718 2772	nvnetbus        (20526a8827dc0956b5526aebcb6751a0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
18:15:43.0718 2772	nvnetbus - ok
18:15:43.0765 2772	NVSvc           (f96df45cfbdc670584293e03c2ab602a) C:\WINDOWS\system32\nvsvc32.exe
18:15:43.0765 2772	NVSvc - ok
18:15:43.0796 2772	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:15:43.0796 2772	NwlnkFlt - ok
18:15:43.0812 2772	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:15:43.0812 2772	NwlnkFwd - ok
18:15:43.0828 2772	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
18:15:43.0828 2772	Parport - ok
18:15:43.0875 2772	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:15:43.0875 2772	PartMgr - ok
18:15:43.0875 2772	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
18:15:43.0875 2772	ParVdm - ok
18:15:43.0890 2772	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
18:15:43.0890 2772	PCI - ok
18:15:43.0906 2772	PCIDump - ok
18:15:43.0937 2772	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:15:43.0937 2772	PCIIde - ok
18:15:44.0046 2772	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:15:44.0046 2772	Pcmcia - ok
18:15:44.0062 2772	PDCOMP - ok
18:15:44.0078 2772	PDFRAME - ok
18:15:44.0093 2772	PDRELI - ok
18:15:44.0093 2772	PDRFRAME - ok
18:15:44.0109 2772	perc2 - ok
18:15:44.0109 2772	perc2hib - ok
18:15:44.0187 2772	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
18:15:44.0187 2772	PlugPlay - ok
18:15:44.0203 2772	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:15:44.0203 2772	PolicyAgent - ok
18:15:44.0234 2772	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:15:44.0234 2772	PptpMiniport - ok
18:15:44.0250 2772	Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
18:15:44.0250 2772	Processor - ok
18:15:44.0265 2772	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:15:44.0265 2772	ProtectedStorage - ok
18:15:44.0312 2772	ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
18:15:44.0328 2772	ProtexisLicensing - ok
18:15:44.0343 2772	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:15:44.0343 2772	PSched - ok
18:15:44.0359 2772	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:15:44.0359 2772	Ptilink - ok
18:15:44.0406 2772	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:15:44.0406 2772	PxHelp20 - ok
18:15:44.0421 2772	ql1080 - ok
18:15:44.0421 2772	Ql10wnt - ok
18:15:44.0437 2772	ql12160 - ok
18:15:44.0437 2772	ql1240 - ok
18:15:44.0453 2772	ql1280 - ok
18:15:44.0468 2772	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:15:44.0468 2772	RasAcd - ok
18:15:44.0500 2772	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
18:15:44.0515 2772	RasAuto - ok
18:15:44.0546 2772	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:15:44.0546 2772	Rasl2tp - ok
18:15:44.0593 2772	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
18:15:44.0593 2772	RasMan - ok
18:15:44.0609 2772	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:15:44.0609 2772	RasPppoe - ok
18:15:44.0609 2772	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:15:44.0625 2772	Raspti - ok
18:15:44.0656 2772	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:15:44.0656 2772	Rdbss - ok
18:15:44.0703 2772	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:15:44.0703 2772	RDPCDD - ok
18:15:44.0718 2772	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:15:44.0734 2772	rdpdr - ok
18:15:44.0781 2772	RDPWD           (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
18:15:44.0781 2772	RDPWD - ok
18:15:44.0812 2772	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
18:15:44.0812 2772	RDSessMgr - ok
18:15:44.0859 2772	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:15:44.0859 2772	redbook - ok
18:15:44.0890 2772	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
18:15:44.0890 2772	RemoteAccess - ok
18:15:44.0906 2772	RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
18:15:44.0906 2772	RemoteRegistry - ok
18:15:44.0937 2772	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
18:15:44.0937 2772	RpcLocator - ok
18:15:45.0000 2772	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
18:15:45.0000 2772	RpcSs - ok
18:15:45.0046 2772	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
18:15:45.0046 2772	RSVP - ok
18:15:45.0093 2772	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:15:45.0093 2772	SamSs - ok
18:15:45.0125 2772	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
18:15:45.0125 2772	SCardSvr - ok
18:15:45.0171 2772	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
18:15:45.0171 2772	Schedule - ok
18:15:45.0218 2772	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:15:45.0218 2772	Secdrv - ok
18:15:45.0234 2772	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
18:15:45.0234 2772	seclogon - ok
18:15:45.0265 2772	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
18:15:45.0265 2772	SENS - ok
18:15:45.0281 2772	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:15:45.0281 2772	serenum - ok
18:15:45.0296 2772	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
18:15:45.0296 2772	Serial - ok
18:15:45.0359 2772	sfdrv01         (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
18:15:45.0359 2772	sfdrv01 - ok
18:15:45.0375 2772	sfhlp02         (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
18:15:45.0375 2772	sfhlp02 - ok
18:15:45.0421 2772	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:15:45.0421 2772	Sfloppy - ok
18:15:45.0453 2772	sfsync02        (efebbc1d13fdb77a6af4eddfc7232edf) C:\WINDOWS\system32\drivers\sfsync02.sys
18:15:45.0453 2772	sfsync02 - ok
18:15:45.0468 2772	sfvfs02         (4edf98028a05263b515b17b3e7b52509) C:\WINDOWS\system32\drivers\sfvfs02.sys
18:15:45.0468 2772	sfvfs02 - ok
18:15:45.0531 2772	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
18:15:45.0531 2772	ShellHWDetection - ok
18:15:45.0546 2772	Simbad - ok
18:15:45.0578 2772	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:15:45.0578 2772	SLIP - ok
18:15:45.0578 2772	Sparrow - ok
18:15:45.0609 2772	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:15:45.0609 2772	splitter - ok
18:15:45.0656 2772	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
18:15:45.0656 2772	Spooler - ok
18:15:45.0718 2772	sptd            (614deea4bdcec3fd5a07bdc705723ad7) C:\WINDOWS\System32\Drivers\sptd.sys
18:15:45.0718 2772	sptd - ok
18:15:45.0734 2772	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
18:15:45.0734 2772	sr - ok
18:15:45.0781 2772	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
18:15:45.0781 2772	srservice - ok
18:15:45.0843 2772	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:15:45.0843 2772	Srv - ok
18:15:45.0875 2772	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
18:15:45.0875 2772	SSDPSRV - ok
18:15:45.0906 2772	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
18:15:45.0921 2772	stisvc - ok
18:15:45.0953 2772	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:15:45.0953 2772	streamip - ok
18:15:45.0984 2772	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:15:45.0984 2772	swenum - ok
18:15:46.0062 2772	SwitchBoard     (f577910a133a592234ebaad3f3afa258) C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe
18:15:46.0078 2772	SwitchBoard - ok
18:15:46.0109 2772	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:15:46.0109 2772	swmidi - ok
18:15:46.0109 2772	SwPrv - ok
18:15:46.0125 2772	symc810 - ok
18:15:46.0140 2772	symc8xx - ok
18:15:46.0140 2772	sym_hi - ok
18:15:46.0156 2772	sym_u3 - ok
18:15:46.0171 2772	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:15:46.0171 2772	sysaudio - ok
18:15:46.0218 2772	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
18:15:46.0218 2772	SysmonLog - ok
18:15:46.0250 2772	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
18:15:46.0265 2772	TapiSrv - ok
18:15:46.0312 2772	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:15:46.0328 2772	Tcpip - ok
18:15:46.0343 2772	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:15:46.0343 2772	TDPIPE - ok
18:15:46.0359 2772	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:15:46.0375 2772	TDTCP - ok
18:15:46.0390 2772	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:15:46.0390 2772	TermDD - ok
18:15:46.0421 2772	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
18:15:46.0437 2772	TermService - ok
18:15:46.0500 2772	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
18:15:46.0500 2772	Themes - ok
18:15:46.0546 2772	TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
18:15:46.0546 2772	TlntSvr - ok
18:15:46.0562 2772	TosIde - ok
18:15:46.0593 2772	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
18:15:46.0593 2772	TrkWks - ok
18:15:46.0671 2772	TuneUp.Defrag   (6a29cd69d1128bdf49a705befc614a5b) C:\WINDOWS\System32\TuneUpDefragService.exe
18:15:46.0687 2772	TuneUp.Defrag - ok
18:15:46.0734 2772	TuneUp.ProgramStatisticsSvc (51ee2913ed525de18fda96dccbc5386a) C:\WINDOWS\System32\TUProgSt.exe
18:15:46.0734 2772	TuneUp.ProgramStatisticsSvc - ok
18:15:46.0765 2772	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:15:46.0765 2772	Udfs - ok
18:15:46.0796 2772	ultra - ok
18:15:46.0843 2772	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:15:46.0843 2772	Update - ok
18:15:46.0875 2772	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
18:15:46.0875 2772	upnphost - ok
18:15:46.0906 2772	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
18:15:46.0906 2772	UPS - ok
18:15:46.0953 2772	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:15:46.0953 2772	usbccgp - ok
18:15:46.0984 2772	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:15:46.0984 2772	usbehci - ok
18:15:47.0015 2772	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:15:47.0015 2772	usbhub - ok
18:15:47.0046 2772	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:15:47.0046 2772	usbohci - ok
18:15:47.0078 2772	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:15:47.0078 2772	usbprint - ok
18:15:47.0125 2772	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:15:47.0125 2772	usbscan - ok
18:15:47.0140 2772	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:15:47.0140 2772	USBSTOR - ok
18:15:47.0171 2772	UxTuneUp        (2e2e93041c8058bc7de6f0d743c4a0c6) C:\WINDOWS\System32\uxtuneup.dll
18:15:47.0171 2772	UxTuneUp - ok
18:15:47.0218 2772	VClone          (94d73b62e458fb56c9ce60aa96d914f9) C:\WINDOWS\system32\DRIVERS\VClone.sys
18:15:47.0218 2772	VClone - ok
18:15:47.0234 2772	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:15:47.0234 2772	VgaSave - ok
18:15:47.0234 2772	ViaIde - ok
18:15:47.0265 2772	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
18:15:47.0265 2772	VolSnap - ok
18:15:47.0312 2772	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
18:15:47.0328 2772	VSS - ok
18:15:47.0359 2772	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
18:15:47.0359 2772	W32Time - ok
18:15:47.0421 2772	W8335XP         (f0bdc2b474e26117ee77bfdba051fb3c) C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys
18:15:47.0437 2772	W8335XP - ok
18:15:47.0468 2772	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:15:47.0484 2772	Wanarp - ok
18:15:47.0531 2772	Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
18:15:47.0546 2772	Wdf01000 - ok
18:15:47.0546 2772	WDICA - ok
18:15:47.0578 2772	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:15:47.0593 2772	wdmaud - ok
18:15:47.0625 2772	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
18:15:47.0640 2772	WebClient - ok
18:15:47.0750 2772	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:15:47.0750 2772	winmgmt - ok
18:15:47.0796 2772	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
18:15:47.0796 2772	WmdmPmSN - ok
18:15:47.0875 2772	Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
18:15:47.0875 2772	Wmi - ok
18:15:47.0906 2772	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:15:47.0906 2772	WmiApSrv - ok
18:15:48.0046 2772	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
18:15:48.0062 2772	WMPNetworkSvc - ok
18:15:48.0109 2772	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:15:48.0109 2772	WpdUsb - ok
18:15:48.0125 2772	WSearch - ok
18:15:48.0171 2772	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:15:48.0171 2772	WSTCODEC - ok
18:15:48.0203 2772	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
18:15:48.0218 2772	wuauserv - ok
18:15:48.0250 2772	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:15:48.0265 2772	WudfPf - ok
18:15:48.0296 2772	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:15:48.0296 2772	WudfRd - ok
18:15:48.0328 2772	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
18:15:48.0328 2772	WudfSvc - ok
18:15:48.0390 2772	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
18:15:48.0406 2772	WZCSVC - ok
18:15:48.0437 2772	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
18:15:48.0453 2772	xmlprov - ok
18:15:48.0484 2772	yukonwxp        (4322c32ced8c4772e039616dcbf01d3f) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
18:15:48.0500 2772	yukonwxp - ok
18:15:48.0531 2772	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:15:48.0906 2772	\Device\Harddisk0\DR0 - ok
18:15:48.0921 2772	Boot (0x1200)   (92e74aedc387388a88143fc171643b26) \Device\Harddisk0\DR0\Partition0
18:15:48.0921 2772	\Device\Harddisk0\DR0\Partition0 - ok
18:15:48.0921 2772	============================================================
18:15:48.0921 2772	Scan finished
18:15:48.0921 2772	============================================================
18:15:48.0937 2496	Detected object count: 0
18:15:48.0937 2496	Actual detected object count: 0

cosinus · 13.06.2012, 20:40

Du hast jetzt aber nicht alles entfernt, nur die beiden von mir genannten Einträge?!

Wutzkopp · 13.06.2012, 21:58

jap nur die beiden genannten Einträge, die anderen habe ich auf "Skip" stehen lassen...

10.06.2012, 01:54	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virus Blockiert Virenscanner und Firewall, ewwy7owwge.exe Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt? Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind. __________________ __________________

13.06.2012, 20:40	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virus Blockiert Virenscanner und Firewall, ewwy7owwge.exe Du hast jetzt aber nicht alles entfernt, nur die beiden von mir genannten Einträge?! __________________ Logfiles bitte immer in CODE-Tags posten

Virus Blockiert Virenscanner und Firewall, ewwy7owwge.exe

Log-Analyse und Auswertung: Virus Blockiert Virenscanner und Firewall, ewwy7owwge.exe