| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GEMA Trojaner hat mein PC gesperrtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
06.09.2012, 21:15
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  GEMA Trojaner hat mein PC gesperrt Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
07.09.2012, 08:13
| #17 |
 | GEMA Trojaner hat mein PC gesperrt Hier der Log
__________________Code:
ATTFilter TL logfile created on: 07.09.2012 09:04:10 - Run 3 OTL by OldTimer - Version 3.2.61.1 Folder = C:\Dokumente und Einstellungen\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,96 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 88,43% Memory free 3,82 Gb Paging File | 3,76 Gb Available in Paging File | 98,42% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 99,99 Gb Total Space | 41,58 Gb Free Space | 41,58% Space Free | Partition Type: NTFS Computer Name: XP-INTERNET | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.09.07 09:01:57 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll ========== Services (SafeList) ========== SRV - [2012.08.30 19:09:08 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.05.09 19:51:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.09 19:51:22 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.05.20 22:13:10 | 000,174,640 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Programme\VMware\VMware Tools\VMUpgradeHelper.exe -- (VMUpgradeHelper) SRV - [2010.05.20 22:12:46 | 000,379,440 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Programme\VMware\VMware Tools\vmacthlp.exe -- (VMware Physical Disk Helper Service) SRV - [2010.05.20 22:12:34 | 000,050,224 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Programme\VMware\VMware Tools\vmtoolsd.exe -- (VMTools) SRV - [2010.05.20 22:09:20 | 000,390,432 | R--- | M] (ThinPrint AG) [On_Demand | Stopped] -- C:\Programme\VMware\VMware Tools\TPVCGateway.exe -- (TPVCGateway) SRV - [2010.05.20 22:09:20 | 000,255,304 | R--- | M] (ThinPrint AG) [On_Demand | Stopped] -- C:\Programme\VMware\VMware Tools\TPAutoConnSvc.exe -- (tpautoconnsvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.05.09 19:51:23 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2012.05.09 19:51:23 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.01.18 15:55:56 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio) DRV - [2012.01.18 15:55:54 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio) DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.05.21 07:19:22 | 000,017,968 | R--- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vmscsi.sys -- (vmscsi) DRV - [2010.05.20 22:13:16 | 000,129,200 | ---- | M] (VMware, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\vmhgfs.sys -- (vmhgfs) DRV - [2010.05.20 22:12:56 | 000,014,384 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Programme\VMware\VMware Tools\Drivers\memctl\vmmemctl.sys -- (VMMEMCTL) DRV - [2010.05.20 22:12:32 | 000,023,088 | ---- | M] (VMware, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\vmdebug.sys -- (vmdebug) DRV - [2010.05.20 22:11:38 | 000,036,912 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmxnet.sys -- (vmxnet) DRV - [2010.05.20 22:11:36 | 000,011,440 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmmouse.sys -- (vmmouse) DRV - [2010.05.20 22:10:16 | 000,028,080 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmx_svga.sys -- (vmx_svga) DRV - [2009.07.26 16:22:34 | 000,651,264 | ---- | M] (www.ext2fsd.com) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ext2fsd.sys -- (Ext2Fsd) DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2007.10.08 14:32:56 | 000,036,400 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lgtosync.sys -- (LGTO_Sync) DRV - [2001.08.17 13:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1085031214-1844237615-839522115-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1085031214-1844237615-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.08.30 19:09:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.08.04 09:42:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2012.08.04 14:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions [2012.08.31 08:47:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\q6gz4m4w.default\extensions [2012.04.28 16:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.08.30 19:09:09 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012.02.18 17:07:01 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.30 19:09:02 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.02.18 17:07:01 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.02.18 17:07:01 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.18 17:07:01 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.18 17:07:01 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2001.08.18 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [VMware Tools] C:\Programme\VMware\VMware Tools\VMwareTray.exe (VMware, Inc.) O4 - HKLM..\Run: [VMware User Process] C:\Programme\VMware\VMware Tools\VMwareUser.exe (VMware, Inc.) O4 - HKU\S-1-5-21-1085031214-1844237615-839522115-500..\RunOnce: [Report] C:\AdwCleaner[S1].txt () O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.) O4 - Startup: C:\Dokumente und Einstellungen\Eckenroth\Startmenü\Programme\Autostart\ja.lnk = File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Programme\VMware\VMware Tools\VSock SDK\bin\win32\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Programme\VMware\VMware Tools\VSock SDK\bin\win32\vsocklib.dll (VMware, Inc.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1345219616117 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDCE8E3A-8533-4393-A549-A72BDC2AD132}: NameServer = 192.168.11.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\1.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: cfsvcs - File not found NetSvcs: hpqcxs08 - File not found NetSvcs: tsscoreservice - File not found NetSvcs: IFP700 - File not found NetSvcs: se2End5 - File not found NetSvcs: ec2007service - File not found NetSvcs: admservice - File not found NetSvcs: ntsecure - File not found NetSvcs: slabbus - File not found NetSvcs: s716nd5 - File not found NetSvcs: dlcc_device - File not found NetSvcs: sis315 - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetBT - Service SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: Microsoft Base Smart Card Crypto Provider Package - Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) CREATERESTOREPOINT Unable to start System Restore Service. Error code 10 ========== Files/Folders - Created Within 30 Days ========== [2012.09.07 09:01:57 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe [2012.09.03 19:47:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\vlc [2012.09.02 16:02:17 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\PrivacIE [2012.09.01 15:57:24 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.09.01 15:54:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Temp [2012.09.01 15:54:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Adobe [2012.09.01 15:54:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinRAR [2012.09.01 11:07:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Thunderbird [2012.09.01 11:07:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Thunderbird [2012.08.31 16:23:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Sun [2012.08.31 16:23:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun [2012.08.31 10:51:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Windows Search [2012.08.19 14:57:52 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET [2012.08.19 11:28:41 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader [2012.08.19 11:28:41 | 000,000,000 | ---D | C] -- C:\Programme\Brotherhood Software [2012.08.18 16:18:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Adobe [2012.08.18 15:51:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell [2012.08.18 15:51:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm [2012.08.18 15:51:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$ [2012.08.18 15:51:18 | 000,000,000 | ---D | C] -- C:\Programme\Windows Desktop Search [2012.08.18 15:51:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy [2012.08.18 15:50:15 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Connect 2 [2012.08.18 15:48:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2012.08.18 15:48:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2012.08.17 19:31:55 | 000,000,000 | ---D | C] -- C:\d4b45d1afb4004e291e1024837 [2012.08.17 19:31:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2012.08.17 18:10:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage [2012.08.17 18:10:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2012.08.13 20:14:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner [2012.08.13 20:14:49 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2012.08.12 19:37:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2012.08.12 19:30:57 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2012.08.12 19:30:29 | 000,000,000 | ---D | C] -- C:\Programme\Oracle [2012.08.08 19:43:25 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware ========== Files - Modified Within 30 Days ========== [2012.09.07 09:01:57 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe [2012.09.07 08:54:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.09.07 08:54:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.09.05 16:00:26 | 000,511,265 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner.exe [2012.09.02 20:06:34 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.09.02 16:02:12 | 000,000,170 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Neue Internetverknüpfung.url [2012.09.02 11:03:02 | 000,517,850 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.09.02 11:03:02 | 000,473,038 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.09.02 11:03:02 | 000,101,284 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.09.02 11:03:02 | 000,076,132 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.08.29 20:17:22 | 000,002,705 | ---- | M] () -- C:\WINDOWS\WINCMD.INI [2012.08.29 19:02:39 | 000,000,500 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini [2012.08.19 14:46:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.08.18 15:51:28 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk [2012.08.18 15:50:25 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2012.08.18 15:50:25 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2012.08.18 15:48:57 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2012.08.18 09:38:26 | 000,100,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.08.13 20:14:50 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk ========== Files Created - No Company Name ========== [2012.09.05 16:00:26 | 000,511,265 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner.exe [2012.09.02 16:02:09 | 000,000,170 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Neue Internetverknüpfung.url [2012.08.25 11:02:31 | 000,001,834 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader.lnk [2012.08.25 11:02:31 | 000,001,778 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader Deinstallationsprogramm.lnk [2012.08.25 11:02:31 | 000,001,757 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader Update.lnk [2012.08.18 15:51:28 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Search.lnk [2012.08.18 15:51:28 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk [2012.08.18 15:48:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2012.08.18 15:48:07 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb [2012.08.17 18:25:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.08.17 18:25:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll [2012.08.17 18:10:25 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012.08.13 20:14:50 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2012.08.04 16:26:31 | 000,003,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.04.13 16:20:49 | 000,000,426 | ---- | C] () -- C:\WINDOWS\d.ini [2012.03.30 20:17:11 | 000,922,184 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe [2012.03.30 20:17:11 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys [2012.03.30 20:17:11 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys [2011.11.05 15:03:32 | 000,000,500 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2011.11.05 15:03:02 | 000,002,705 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2011.10.09 18:49:44 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2011.10.09 18:49:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe [2011.10.01 10:42:12 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.10.01 10:08:43 | 002,275,888 | R--- | C] () -- C:\WINDOWS\System32\vmwogl32.dll [2001.08.18 14:00:00 | 000,002,048 | -HS- | C] () -- C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\{9d851d65-4158-d444-715b-2ca085bf4867}\@ ========== LOP Check ========== [2012.09.01 11:07:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Thunderbird [2012.08.31 10:51:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Windows Search [2012.02.25 10:42:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Database Workbench 4 Pro [2011.10.01 10:30:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip [2012.02.10 17:04:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\avidemux [2011.10.03 11:20:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\AVM [2012.01.29 17:34:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\FolderSync [2011.10.01 10:00:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\Forte [2011.10.09 18:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\FreePDF [2011.12.28 16:28:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\HK-Software [2012.04.13 16:47:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\Notepad++ [2012.08.12 19:30:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\Oracle [2012.01.29 17:33:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\OTi [2012.01.29 17:34:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\OutlookSync [2012.04.14 10:33:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\RDP6 [2011.12.21 20:09:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\Thunderbird [2012.07.29 16:50:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\TV-Browser [2012.08.18 15:51:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\Windows Desktop Search [2012.08.18 15:54:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\Windows Search ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.09.01 15:54:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe [2012.08.04 14:48:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia [2012.08.05 09:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes [2012.09.01 15:54:51 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft [2012.08.04 14:43:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla [2012.08.31 16:23:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun [2012.09.01 11:07:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Thunderbird [2012.09.03 19:47:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\vlc [2012.08.31 10:51:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Windows Search [2012.09.01 15:54:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinRAR < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys [2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\AGP440.SYS < MD5 for: ATAPI.SYS > [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll [2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: NETLOGON.DLL > [2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll [2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll [2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll < MD5 for: USER32.DLL > [2004.08.04 00:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll [2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2001.08.18 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2001.08.18 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.09.09 10:36:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2008.09.09 10:36:42 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2008.09.09 10:36:42 | 000,389,120 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\WINDOWS\$NtUninstallKB13932$] -> Error: Cannot create file handle -> Unknown point type < End of report > |
|
07.09.2012, 12:44
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GEMA Trojaner hat mein PC gesperrtCode:
ATTFilter Windows XP Professional Edition
NameServer = 192.168.11.1
C:\Programme\VMware\VMware Tools\VMwareTray.exe (VMware, Inc.)
Wenn nein, dann verrate mir bitte warum - Pro-Edition von Windows? - ungewöhnliches Subnet 192.168.11.1 (ok, kann von VMware sein) - VMWare?
__________________ |
|
07.09.2012, 13:09
| #19 | |
| | GEMA Trojaner hat mein PC gesperrtZitat:
Nein es ist kein Büro PC. Ich vermute einmal das du mit Büro-PC ein dienstlich genutzer Rechner auf der Arbeit meinst. Diese Kiste hier benutze ich rein Privat und ich habe keine Firma. Wenn ich so etwas auf meine Dienst PC eingefangen hätte würde ich einiges zu hören bekommen. Frage 2: Diese Version habe ich auf einer Messe einmal gekauft und zwischen der kleinen und der Pro waren 5 € unterschied und somit habe ich mich für Pro entschieden. Frage 3: Ich möchte nicht das selbe haben wie alle anderen. Jeder nimmt doch 192.168.1.1 für den Router und dann 192.168.1.100 für den ersten PC. Ich dachte mir benutze doch einfach mal das Subnetz 11. Es ist kein DHCP von VMWare sondern eine fest zugewiesene Adresen. Ja ich weis es ist eine lustige Antwort und man hat mir schon mehrmals gesagt ich wäre ein wenig verückt weil ich ein anderes Subnetz wie jeder ande haben möchte.. Frage 4: VMWare benutze ich aus genau diesem Grund hier. Ich möchte verhinden das ich z.B. meine Bankgeschäfte mache und plötzlich das Konto leer ist. Einen extra Rechner wollte ich darmals nicht kaufen und bin auf VMWare gestoßen. |
|
09.09.2012, 20:55
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GEMA Trojaner hat mein PC gesperrtZitat:
 Es ist weder sicherer, noch sonstwie irgendwie "besser" nur weil man das vom Router vordefinierte Subnetz ändert. Zudem weiß ich aber von VPN-Problemen gerade in Firmen, genau die wollen sich durch "unübliche" interne Netzwerkadressen voneinander unterscheiden, damit VPN vernünftig läuft und keine Adresskonflikte da sind 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.09.2012, 19:08
| #21 | |
| | GEMA Trojaner hat mein PC gesperrtZitat:
|
|
10.09.2012, 21:04
| #22 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GEMA Trojaner hat mein PC gesperrtZitat:
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
FF - user.js - File not found
O4 - Startup: C:\Dokumente und Einstellungen\Eckenroth\Startmenü\Programme\Autostart\ja.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O31 - SafeBoot: AlternateShell - C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\1.exe
:Files
C:\WINDOWS\$968930Uinstall_KB968930$
C:\d4b45d1afb4004e291e1024837
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\{9d851d65-4158-d444-715b-2ca085bf4867}
C:\WINDOWS\$NtUninstallKB13932$
C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\1.exe
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Sun\Java\Deployment\cach
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.09.2012, 19:16
| #23 |
| | GEMA Trojaner hat mein PC gesperrt Vielen Dank für Deinen Hilfe. Hier das Log Code:
ATTFilter ll processes killed
========== OTL ==========
C:\Dokumente und Einstellungen\Eckenroth\Startmenü\Programme\Autostart\ja.lnk moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoViewContextMenu deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell deleted successfully.
========== FILES ==========
C:\WINDOWS\$968930Uinstall_KB968930$\spuninst folder moved successfully.
C:\WINDOWS\$968930Uinstall_KB968930$ folder moved successfully.
Folder move failed. C:\d4b45d1afb4004e291e1024837\i386 scheduled to be moved on reboot.
Folder move failed. C:\d4b45d1afb4004e291e1024837\amd64 scheduled to be moved on reboot.
C:\d4b45d1afb4004e291e1024837 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\{9d851d65-4158-d444-715b-2ca085bf4867}\U folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\{9d851d65-4158-d444-715b-2ca085bf4867}\L folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\{9d851d65-4158-d444-715b-2ca085bf4867} folder moved successfully.
Folder move failed. C:\WINDOWS\$NtUninstallKB13932$ scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Eckenroth\Anwendungsdaten\1.exe moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\F folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\E folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\D\55 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\D folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\C folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\B folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\A folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\9 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\8 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\7 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\6 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\5 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\4 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\3 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\2 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\1\26 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\1 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache\0 folder moved successfully.
C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\5p8zlkxz.default\Cache folder moved successfully.
File\Folder C:\Dokumente und Einstellungen\Eckenroth\Lokale Einstellungen\Anwendungsdaten\Sun\Java\Deployment\cach not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\Administrator\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Administrator\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 4733252 bytes
->Temporary Internet Files folder emptied: 1211314 bytes
->FireFox cache emptied: 63646162 bytes
->Flash cache emptied: 1721 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Eckenroth
->Temp folder emptied: 147286781 bytes
->Temporary Internet Files folder emptied: 11635510 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 60453891 bytes
->Flash cache emptied: 30260 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 603778 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 276,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.61.1 log created on 09132012_200654
Files\Folders moved on Reboot...
File\Folder C:\d4b45d1afb4004e291e1024837\i386 not found!
File\Folder C:\d4b45d1afb4004e291e1024837\amd64 not found!
Folder move failed. C:\WINDOWS\$NtUninstallKB13932$ scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
14.09.2012, 12:31
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GEMA Trojaner hat mein PC gesperrt Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.09.2012, 16:43
| #25 |
| | GEMA Trojaner hat mein PC gesperrt Hioer das gewünschte Log Code:
ATTFilter 17:32:10.0062 2688 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:32:10.0171 2688 ============================================================
17:32:10.0171 2688 Current date / time: 2012/09/19 17:32:10.0171
17:32:10.0171 2688 SystemInfo:
17:32:10.0171 2688
17:32:10.0171 2688 OS Version: 5.1.2600 ServicePack: 3.0
17:32:10.0171 2688 Product type: Workstation
17:32:10.0171 2688 ComputerName: XP-INTERNET
17:32:10.0171 2688 UserName: Eckenroth
17:32:10.0171 2688 Windows directory: C:\WINDOWS
17:32:10.0171 2688 System windows directory: C:\WINDOWS
17:32:10.0171 2688 Processor architecture: Intel x86
17:32:10.0171 2688 Number of processors: 1
17:32:10.0171 2688 Page size: 0x1000
17:32:10.0171 2688 Boot type: Normal boot
17:32:10.0171 2688 ============================================================
17:32:10.0781 2688 Drive \Device\Harddisk0\DR0 - Size: 0x1900000000 (100.00 Gb), SectorSize: 0x200, Cylinders: 0x32FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:32:10.0781 2688 ============================================================
17:32:10.0781 2688 \Device\Harddisk0\DR0:
17:32:10.0781 2688 MBR partitions:
17:32:10.0781 2688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC7FB67E
17:32:10.0781 2688 ============================================================
17:32:10.0827 2688 C: <-> \Device\Harddisk0\DR0\Partition1
17:32:10.0827 2688 ============================================================
17:32:10.0827 2688 Initialize success
17:32:10.0827 2688 ============================================================
17:32:47.0718 2444 ============================================================
17:32:47.0718 2444 Scan started
17:32:47.0718 2444 Mode: Manual;
17:32:47.0718 2444 ============================================================
17:32:47.0890 2444 ================ Scan system memory ========================
17:32:47.0890 2444 System memory - ok
17:32:47.0890 2444 ================ Scan services =============================
17:32:48.0234 2444 Abiosdsk - ok
17:32:48.0234 2444 abp480n5 - ok
17:32:48.0296 2444 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:32:48.0296 2444 ACPI - ok
17:32:48.0327 2444 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:32:48.0327 2444 ACPIEC - ok
17:32:48.0343 2444 adpu160m - ok
17:32:48.0359 2444 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:32:48.0374 2444 aec - ok
17:32:48.0406 2444 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:32:48.0406 2444 AFD - ok
17:32:48.0437 2444 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
17:32:48.0437 2444 agp440 - ok
17:32:48.0437 2444 Aha154x - ok
17:32:48.0437 2444 aic78u2 - ok
17:32:48.0452 2444 aic78xx - ok
17:32:48.0546 2444 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:32:48.0546 2444 Alerter - ok
17:32:48.0562 2444 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
17:32:48.0562 2444 ALG - ok
17:32:48.0562 2444 AliIde - ok
17:32:48.0577 2444 amsint - ok
17:32:48.0718 2444 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
17:32:48.0718 2444 AntiVirSchedulerService - ok
17:32:48.0749 2444 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
17:32:48.0749 2444 AntiVirService - ok
17:32:48.0796 2444 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:32:48.0796 2444 AppMgmt - ok
17:32:48.0796 2444 asc - ok
17:32:48.0812 2444 asc3350p - ok
17:32:48.0812 2444 asc3550 - ok
17:32:48.0921 2444 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:32:48.0921 2444 aspnet_state - ok
17:32:48.0937 2444 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:32:48.0937 2444 AsyncMac - ok
17:32:48.0937 2444 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:32:48.0937 2444 atapi - ok
17:32:48.0968 2444 Atdisk - ok
17:32:48.0984 2444 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:32:48.0984 2444 Atmarpc - ok
17:32:49.0015 2444 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:32:49.0015 2444 AudioSrv - ok
17:32:49.0046 2444 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:32:49.0046 2444 audstub - ok
17:32:49.0077 2444 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:32:49.0077 2444 avgntflt - ok
17:32:49.0124 2444 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:32:49.0124 2444 avipbb - ok
17:32:49.0156 2444 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:32:49.0156 2444 avkmgr - ok
17:32:49.0202 2444 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:32:49.0202 2444 Beep - ok
17:32:49.0234 2444 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
17:32:49.0249 2444 BITS - ok
17:32:49.0327 2444 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
17:32:49.0327 2444 Browser - ok
17:32:49.0452 2444 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:32:49.0687 2444 cbidf2k - ok
17:32:49.0718 2444 cd20xrnt - ok
17:32:49.0859 2444 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:32:49.0859 2444 Cdaudio - ok
17:32:49.0937 2444 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:32:49.0937 2444 Cdfs - ok
17:32:49.0968 2444 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:32:49.0968 2444 Cdrom - ok
17:32:50.0015 2444 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] cisvc C:\WINDOWS\System32\cisvc.exe
17:32:50.0015 2444 cisvc - ok
17:32:50.0015 2444 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:32:50.0015 2444 ClipSrv - ok
17:32:50.0046 2444 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:32:50.0062 2444 clr_optimization_v2.0.50727_32 - ok
17:32:50.0109 2444 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:32:50.0109 2444 clr_optimization_v4.0.30319_32 - ok
17:32:50.0171 2444 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:32:50.0171 2444 CmBatt - ok
17:32:50.0171 2444 CmdIde - ok
17:32:50.0171 2444 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:32:50.0171 2444 Compbatt - ok
17:32:50.0187 2444 COMSysApp - ok
17:32:50.0187 2444 Cpqarray - ok
17:32:50.0249 2444 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:32:50.0249 2444 CryptSvc - ok
17:32:50.0249 2444 dac2w2k - ok
17:32:50.0265 2444 dac960nt - ok
17:32:50.0327 2444 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:32:50.0343 2444 DcomLaunch - ok
17:32:50.0421 2444 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:32:50.0421 2444 Dhcp - ok
17:32:50.0515 2444 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:32:50.0515 2444 Disk - ok
17:32:50.0515 2444 dmadmin - ok
17:32:50.0531 2444 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:32:50.0546 2444 dmboot - ok
17:32:50.0577 2444 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:32:50.0577 2444 dmio - ok
17:32:50.0624 2444 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:32:50.0624 2444 dmload - ok
17:32:50.0640 2444 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:32:50.0656 2444 dmserver - ok
17:32:50.0671 2444 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:32:50.0671 2444 DMusic - ok
17:32:50.0702 2444 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:32:50.0702 2444 Dnscache - ok
17:32:50.0765 2444 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:32:50.0765 2444 Dot3svc - ok
17:32:50.0781 2444 dpti2o - ok
17:32:50.0781 2444 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:32:50.0781 2444 drmkaud - ok
17:32:50.0796 2444 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:32:50.0796 2444 EapHost - ok
17:32:50.0859 2444 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:32:50.0859 2444 ERSvc - ok
17:32:50.0937 2444 [ A55DD7D8CED5D2624A9EE2DDA7BE0319 ] es1371 C:\WINDOWS\system32\drivers\es1371mp.sys
17:32:50.0937 2444 es1371 - ok
17:32:50.0952 2444 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
17:32:50.0952 2444 Eventlog - ok
17:32:50.0968 2444 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\System32\es.dll
17:32:50.0968 2444 EventSystem - ok
17:32:51.0046 2444 [ 9F8D1120E72C627BB2549B0424D2BD9A ] Ext2Fsd C:\WINDOWS\system32\drivers\Ext2Fsd.sys
17:32:51.0046 2444 Ext2Fsd - ok
17:32:51.0062 2444 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:32:51.0062 2444 Fastfat - ok
17:32:51.0140 2444 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:32:51.0140 2444 FastUserSwitchingCompatibility - ok
17:32:51.0156 2444 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
17:32:51.0156 2444 Fdc - ok
17:32:51.0156 2444 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:32:51.0156 2444 Fips - ok
17:32:51.0234 2444 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:32:51.0234 2444 Flpydisk - ok
17:32:51.0281 2444 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:32:51.0343 2444 FltMgr - ok
17:32:51.0406 2444 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:32:51.0421 2444 FontCache3.0.0.0 - ok
17:32:51.0421 2444 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:32:51.0421 2444 Fs_Rec - ok
17:32:51.0468 2444 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:32:51.0484 2444 Ftdisk - ok
17:32:51.0531 2444 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:32:51.0531 2444 gameenum - ok
17:32:51.0577 2444 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:32:51.0577 2444 Gpc - ok
17:32:51.0624 2444 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:32:51.0624 2444 helpsvc - ok
17:32:51.0640 2444 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:32:51.0640 2444 HidUsb - ok
17:32:51.0671 2444 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:32:51.0671 2444 hkmsvc - ok
17:32:51.0671 2444 hpn - ok
17:32:51.0718 2444 hpt3xx - ok
17:32:51.0812 2444 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:32:51.0812 2444 HTTP - ok
17:32:51.0843 2444 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:32:51.0843 2444 HTTPFilter - ok
17:32:51.0874 2444 i2omp - ok
17:32:51.0906 2444 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:32:51.0906 2444 i8042prt - ok
17:32:52.0046 2444 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:32:52.0077 2444 idsvc - ok
17:32:52.0109 2444 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:32:52.0109 2444 Imapi - ok
17:32:52.0140 2444 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\System32\imapi.exe
17:32:52.0140 2444 ImapiService - ok
17:32:52.0140 2444 ini910u - ok
17:32:52.0156 2444 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
17:32:52.0156 2444 IntelIde - ok
17:32:52.0171 2444 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:32:52.0171 2444 intelppm - ok
17:32:52.0187 2444 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:32:52.0187 2444 ip6fw - ok
17:32:52.0218 2444 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:32:52.0218 2444 IpFilterDriver - ok
17:32:52.0234 2444 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:32:52.0265 2444 IpInIp - ok
17:32:52.0281 2444 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:32:52.0281 2444 IpNat - ok
17:32:52.0281 2444 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:32:52.0281 2444 IPSec - ok
17:32:52.0312 2444 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:32:52.0312 2444 IRENUM - ok
17:32:52.0327 2444 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:32:52.0327 2444 isapnp - ok
17:32:52.0359 2444 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
17:32:52.0359 2444 JavaQuickStarterService - ok
17:32:52.0390 2444 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:32:52.0390 2444 Kbdclass - ok
17:32:52.0421 2444 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:32:52.0421 2444 kmixer - ok
17:32:52.0452 2444 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:32:52.0452 2444 KSecDD - ok
17:32:52.0468 2444 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:32:52.0468 2444 lanmanserver - ok
17:32:52.0499 2444 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:32:52.0499 2444 lanmanworkstation - ok
17:32:52.0531 2444 [ E6BECE8B315BBE2148EFB742B5EF06F2 ] LGTO_Sync C:\WINDOWS\System32\Drivers\lgtosync.sys
17:32:52.0546 2444 LGTO_Sync - ok
17:32:52.0593 2444 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:32:52.0593 2444 LmHosts - ok
17:32:52.0609 2444 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
17:32:52.0609 2444 MBAMProtector - ok
17:32:52.0640 2444 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:32:52.0640 2444 MBAMService - ok
17:32:52.0656 2444 MBAMSwissArmy - ok
17:32:52.0687 2444 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:32:52.0687 2444 Messenger - ok
17:32:52.0718 2444 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:32:52.0734 2444 mnmdd - ok
17:32:52.0749 2444 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
17:32:52.0765 2444 mnmsrvc - ok
17:32:52.0781 2444 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:32:52.0796 2444 Modem - ok
17:32:52.0827 2444 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:32:52.0827 2444 Mouclass - ok
17:32:52.0859 2444 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:32:52.0859 2444 mouhid - ok
17:32:52.0874 2444 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:32:52.0874 2444 MountMgr - ok
17:32:52.0921 2444 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
17:32:52.0937 2444 MozillaMaintenance - ok
17:32:52.0968 2444 mraid35x - ok
17:32:52.0999 2444 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:32:52.0999 2444 MRxDAV - ok
17:32:53.0062 2444 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:32:53.0109 2444 MRxSmb - ok
17:32:53.0171 2444 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\System32\msdtc.exe
17:32:53.0171 2444 MSDTC - ok
17:32:53.0187 2444 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:32:53.0187 2444 Msfs - ok
17:32:53.0187 2444 MSIServer - ok
17:32:53.0218 2444 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:32:53.0218 2444 MSKSSRV - ok
17:32:53.0218 2444 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:32:53.0218 2444 MSPCLOCK - ok
17:32:53.0234 2444 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:32:53.0234 2444 MSPQM - ok
17:32:53.0296 2444 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:32:53.0296 2444 mssmbios - ok
17:32:53.0312 2444 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:32:53.0312 2444 Mup - ok
17:32:53.0343 2444 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
17:32:53.0374 2444 napagent - ok
17:32:53.0374 2444 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:32:53.0390 2444 NDIS - ok
17:32:53.0421 2444 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:32:53.0421 2444 NdisTapi - ok
17:32:53.0437 2444 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:32:53.0437 2444 Ndisuio - ok
17:32:53.0437 2444 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:32:53.0437 2444 NdisWan - ok
17:32:53.0452 2444 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:32:53.0452 2444 NDProxy - ok
17:32:53.0484 2444 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:32:53.0484 2444 NetBIOS - ok
17:32:53.0499 2444 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
17:32:53.0499 2444 NetDDE - ok
17:32:53.0499 2444 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:32:53.0499 2444 NetDDEdsdm - ok
17:32:53.0531 2444 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\System32\lsass.exe
17:32:53.0531 2444 Netlogon - ok
17:32:53.0562 2444 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
17:32:53.0577 2444 Netman - ok
17:32:53.0656 2444 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:32:53.0656 2444 NetTcpPortSharing - ok
17:32:53.0702 2444 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
17:32:53.0702 2444 Nla - ok
17:32:53.0718 2444 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:32:53.0718 2444 Npfs - ok
17:32:53.0734 2444 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:32:53.0749 2444 Ntfs - ok
17:32:53.0765 2444 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
17:32:53.0765 2444 NtLmSsp - ok
17:32:53.0781 2444 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:32:53.0843 2444 NtmsSvc - ok
17:32:53.0843 2444 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:32:53.0843 2444 Null - ok
17:32:53.0874 2444 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:32:53.0890 2444 NwlnkFlt - ok
17:32:53.0890 2444 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:32:53.0890 2444 NwlnkFwd - ok
17:32:53.0921 2444 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
17:32:53.0921 2444 Parport - ok
17:32:53.0921 2444 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:32:53.0968 2444 PartMgr - ok
17:32:54.0046 2444 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:32:54.0046 2444 ParVdm - ok
17:32:54.0046 2444 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:32:54.0046 2444 PCI - ok
17:32:54.0077 2444 PCIIde - ok
17:32:54.0093 2444 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:32:54.0093 2444 Pcmcia - ok
17:32:54.0124 2444 [ 7BC8027D56FAB153A987C56AE9835664 ] PCnet C:\WINDOWS\system32\DRIVERS\pcntpci5.sys
17:32:54.0124 2444 PCnet - ok
17:32:54.0124 2444 perc2 - ok
17:32:54.0140 2444 perc2hib - ok
17:32:54.0156 2444 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
17:32:54.0156 2444 PlugPlay - ok
17:32:54.0171 2444 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
17:32:54.0171 2444 PolicyAgent - ok
17:32:54.0171 2444 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:32:54.0171 2444 PptpMiniport - ok
17:32:54.0187 2444 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:32:54.0187 2444 Processor - ok
17:32:54.0187 2444 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:32:54.0218 2444 ProtectedStorage - ok
17:32:54.0218 2444 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:32:54.0218 2444 PSched - ok
17:32:54.0249 2444 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:32:54.0249 2444 Ptilink - ok
17:32:54.0281 2444 [ 681AE4F1927FE0FDEEE2863F1684088D ] pwdrvio C:\WINDOWS\system32\pwdrvio.sys
17:32:54.0296 2444 pwdrvio - ok
17:32:54.0327 2444 [ BC60895CE021309EBD887D2F22055654 ] pwdspio C:\WINDOWS\system32\pwdspio.sys
17:32:54.0327 2444 pwdspio - ok
17:32:54.0327 2444 ql1080 - ok
17:32:54.0327 2444 Ql10wnt - ok
17:32:54.0359 2444 ql12160 - ok
17:32:54.0359 2444 ql1240 - ok
17:32:54.0359 2444 ql1280 - ok
17:32:54.0374 2444 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:32:54.0374 2444 RasAcd - ok
17:32:54.0406 2444 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:32:54.0406 2444 RasAuto - ok
17:32:54.0468 2444 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:32:54.0468 2444 Rasl2tp - ok
17:32:54.0515 2444 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:32:54.0531 2444 RasMan - ok
17:32:54.0531 2444 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:32:54.0531 2444 RasPppoe - ok
17:32:54.0593 2444 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:32:54.0593 2444 Raspti - ok
17:32:54.0624 2444 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:32:54.0624 2444 Rdbss - ok
17:32:54.0624 2444 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:32:54.0624 2444 RDPCDD - ok
17:32:54.0687 2444 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:32:54.0687 2444 rdpdr - ok
17:32:54.0765 2444 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:32:54.0765 2444 RDPWD - ok
17:32:54.0765 2444 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:32:54.0781 2444 RDSessMgr - ok
17:32:54.0781 2444 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:32:54.0781 2444 redbook - ok
17:32:54.0859 2444 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:32:54.0859 2444 RemoteAccess - ok
17:32:54.0921 2444 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:32:54.0921 2444 RemoteRegistry - ok
17:32:54.0921 2444 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\System32\locator.exe
17:32:54.0921 2444 RpcLocator - ok
17:32:54.0984 2444 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:32:54.0999 2444 RpcSs - ok
17:32:55.0015 2444 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\System32\rsvp.exe
17:32:55.0015 2444 RSVP - ok
17:32:55.0062 2444 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
17:32:55.0062 2444 SamSs - ok
17:32:55.0062 2444 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:32:55.0062 2444 SCardSvr - ok
17:32:55.0077 2444 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:32:55.0077 2444 Schedule - ok
17:32:55.0124 2444 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:32:55.0124 2444 Secdrv - ok
17:32:55.0171 2444 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
17:32:55.0171 2444 seclogon - ok
17:32:55.0171 2444 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
17:32:55.0171 2444 SENS - ok
17:32:55.0187 2444 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:32:55.0187 2444 serenum - ok
17:32:55.0187 2444 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:32:55.0187 2444 Serial - ok
17:32:55.0249 2444 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:32:55.0249 2444 Sfloppy - ok
17:32:55.0296 2444 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:32:55.0312 2444 SharedAccess - ok
17:32:55.0312 2444 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:32:55.0327 2444 ShellHWDetection - ok
17:32:55.0327 2444 Simbad - ok
17:32:55.0327 2444 Sparrow - ok
17:32:55.0359 2444 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:32:55.0359 2444 splitter - ok
17:32:55.0406 2444 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:32:55.0421 2444 Spooler - ok
17:32:55.0452 2444 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:32:55.0452 2444 sr - ok
17:32:55.0562 2444 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\System32\srsvc.dll
17:32:55.0562 2444 srservice - ok
17:32:55.0624 2444 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:32:55.0624 2444 Srv - ok
17:32:55.0656 2444 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:32:55.0671 2444 SSDPSRV - ok
17:32:55.0718 2444 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:32:55.0718 2444 ssmdrv - ok
17:32:55.0765 2444 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:32:55.0765 2444 stisvc - ok
17:32:55.0796 2444 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:32:55.0796 2444 swenum - ok
17:32:55.0812 2444 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:32:55.0812 2444 swmidi - ok
17:32:55.0812 2444 SwPrv - ok
17:32:55.0812 2444 symc810 - ok
17:32:55.0859 2444 symc8xx - ok
17:32:55.0859 2444 sym_hi - ok
17:32:55.0859 2444 sym_u3 - ok
17:32:55.0874 2444 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:32:55.0890 2444 sysaudio - ok
17:32:55.0890 2444 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:32:55.0890 2444 SysmonLog - ok
17:32:55.0937 2444 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:32:55.0937 2444 TapiSrv - ok
17:32:55.0999 2444 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:32:55.0999 2444 Tcpip - ok
17:32:56.0015 2444 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:32:56.0015 2444 TDPIPE - ok
17:32:56.0031 2444 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:32:56.0031 2444 TDTCP - ok
17:32:56.0046 2444 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:32:56.0046 2444 TermDD - ok
17:32:56.0062 2444 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
17:32:56.0077 2444 TermService - ok
17:32:56.0077 2444 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:32:56.0077 2444 Themes - ok
17:32:56.0124 2444 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
17:32:56.0124 2444 TlntSvr - ok
17:32:56.0156 2444 TosIde - ok
17:32:56.0202 2444 [ 318FECDB840272065BBB8D034749CB8A ] tpautoconnsvc C:\Programme\VMware\VMware Tools\TPAutoConnSvc.exe
17:32:56.0202 2444 tpautoconnsvc - ok
17:32:56.0202 2444 [ A2C4F995230DD11213BC465353E4C7A9 ] TPVCGateway C:\Programme\VMware\VMware Tools\TPVCGateway.exe
17:32:56.0249 2444 TPVCGateway - ok
17:32:56.0265 2444 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:32:56.0281 2444 TrkWks - ok
17:32:56.0327 2444 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:32:56.0327 2444 Udfs - ok
17:32:56.0359 2444 ultra - ok
17:32:56.0421 2444 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:32:56.0421 2444 Update - ok
17:32:56.0452 2444 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:32:56.0452 2444 upnphost - ok
17:32:56.0452 2444 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
17:32:56.0452 2444 UPS - ok
17:32:56.0468 2444 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:32:56.0468 2444 usbccgp - ok
17:32:56.0515 2444 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:32:56.0515 2444 usbehci - ok
17:32:56.0515 2444 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:32:56.0515 2444 usbhub - ok
17:32:56.0546 2444 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:32:56.0546 2444 USBSTOR - ok
17:32:56.0593 2444 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:32:56.0593 2444 usbuhci - ok
17:32:56.0593 2444 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:32:56.0593 2444 VgaSave - ok
17:32:56.0593 2444 ViaIde - ok
17:32:56.0609 2444 [ CF6E387851AB9166C3601FED101CA53D ] vmdebug C:\WINDOWS\system32\Drivers\vmdebug.sys
17:32:56.0609 2444 vmdebug - ok
17:32:56.0656 2444 [ 2BD36852A877C6B6B0F8320E88FCFD95 ] vmhgfs C:\WINDOWS\system32\DRIVERS\vmhgfs.sys
17:32:56.0656 2444 vmhgfs - ok
17:32:56.0687 2444 [ 1E9F3624B188A0EA23D508895C8D841D ] VMMEMCTL C:\Programme\VMware\VMware Tools\Drivers\memctl\vmmemctl.sys
17:32:56.0687 2444 VMMEMCTL - ok
17:32:56.0687 2444 [ 794D1672CAF56DBB6479D943F7CA1286 ] vmmouse C:\WINDOWS\system32\DRIVERS\vmmouse.sys
17:32:56.0687 2444 vmmouse - ok
17:32:56.0702 2444 [ 19754658F7958E31F00F0227F87DAF1D ] vmscsi C:\WINDOWS\system32\DRIVERS\vmscsi.sys
17:32:56.0718 2444 vmscsi - ok
17:32:56.0734 2444 [ 10251901F16560AC4009F078DAAB5A99 ] VMTools C:\Programme\VMware\VMware Tools\vmtoolsd.exe
17:32:56.0734 2444 VMTools - ok
17:32:56.0765 2444 [ F70284882D8219D6EC07CC6431E04E18 ] VMUpgradeHelper C:\Programme\VMware\VMware Tools\VMUpgradeHelper.exe
17:32:56.0765 2444 VMUpgradeHelper - ok
17:32:56.0781 2444 [ 658EFFF4A90321F92B6AC180C25100A9 ] VMware Physical Disk Helper Service C:\Programme\VMware\VMware Tools\vmacthlp.exe
17:32:56.0781 2444 VMware Physical Disk Helper Service - ok
17:32:56.0796 2444 [ A4D4A2273B7CD427D70B74EF70035F54 ] vmxnet C:\WINDOWS\system32\DRIVERS\vmxnet.sys
17:32:56.0796 2444 vmxnet - ok
17:32:56.0812 2444 [ 4319450CF04D2EAF4F80F1EF53628AFF ] vmx_svga C:\WINDOWS\system32\DRIVERS\vmx_svga.sys
17:32:56.0812 2444 vmx_svga - ok
17:32:56.0812 2444 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:32:56.0812 2444 VolSnap - ok
17:32:56.0843 2444 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
17:32:56.0843 2444 VSS - ok
17:32:56.0874 2444 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\System32\w32time.dll
17:32:56.0874 2444 W32Time - ok
17:32:56.0890 2444 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:32:56.0890 2444 Wanarp - ok
17:32:56.0921 2444 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:32:56.0921 2444 wdmaud - ok
17:32:56.0937 2444 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:32:56.0937 2444 WebClient - ok
17:32:57.0077 2444 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:32:57.0093 2444 winmgmt - ok
17:32:57.0218 2444 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
17:32:57.0249 2444 WinRM - ok
17:32:57.0312 2444 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:32:57.0312 2444 WmdmPmSN - ok
17:32:57.0343 2444 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
17:32:57.0343 2444 Wmi - ok
17:32:57.0390 2444 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
17:32:57.0390 2444 WmiApSrv - ok
17:32:57.0531 2444 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
17:32:57.0562 2444 WMPNetworkSvc - ok
17:32:57.0656 2444 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:32:57.0702 2444 WPFFontCache_v0400 - ok
17:32:57.0749 2444 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:32:57.0749 2444 WS2IFSL - ok
17:32:57.0749 2444 WSearch - ok
17:32:57.0781 2444 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:32:57.0781 2444 wuauserv - ok
17:32:57.0859 2444 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:32:57.0859 2444 WudfPf - ok
17:32:57.0874 2444 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:32:57.0874 2444 WudfRd - ok
17:32:57.0890 2444 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:32:57.0890 2444 WudfSvc - ok
17:32:57.0952 2444 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:32:57.0952 2444 WZCSVC - ok
17:32:58.0046 2444 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:32:58.0046 2444 xmlprov - ok
17:32:58.0046 2444 ================ Scan global ===============================
17:32:58.0077 2444 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
17:32:58.0156 2444 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
17:32:58.0156 2444 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
17:32:58.0171 2444 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
17:32:58.0171 2444 [Global] - ok
17:32:58.0171 2444 ================ Scan MBR ==================================
17:32:58.0187 2444 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
17:32:58.0624 2444 \Device\Harddisk0\DR0 - ok
17:32:58.0624 2444 ================ Scan VBR ==================================
17:32:58.0640 2444 [ F08CA7A62FCC66661FA1BC23ECBFB8D7 ] \Device\Harddisk0\DR0\Partition1
17:32:58.0640 2444 \Device\Harddisk0\DR0\Partition1 - ok
17:32:58.0640 2444 ============================================================
17:32:58.0640 2444 Scan finished
17:32:58.0640 2444 ============================================================
17:32:58.0640 3628 Detected object count: 0
17:32:58.0640 3628 Actual detected object count: 0
17:33:26.0421 3660 ============================================================
17:33:26.0421 3660 Scan started
17:33:26.0421 3660 Mode: Manual;
17:33:26.0421 3660 ============================================================
17:33:28.0015 3660 ================ Scan system memory ========================
17:33:28.0015 3660 System memory - ok
17:33:28.0015 3660 ================ Scan services =============================
17:33:29.0046 3660 Abiosdsk - ok
17:33:29.0046 3660 abp480n5 - ok
17:33:29.0890 3660 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:33:29.0890 3660 ACPI - ok
17:33:29.0906 3660 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:33:29.0906 3660 ACPIEC - ok
17:33:29.0921 3660 adpu160m - ok
17:33:29.0937 3660 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:33:29.0937 3660 aec - ok
17:33:29.0968 3660 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:33:29.0968 3660 AFD - ok
17:33:29.0999 3660 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
17:33:29.0999 3660 agp440 - ok
17:33:29.0999 3660 Aha154x - ok
17:33:29.0999 3660 aic78u2 - ok
17:33:29.0999 3660 aic78xx - ok
17:33:30.0062 3660 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:33:30.0062 3660 Alerter - ok
17:33:30.0062 3660 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
17:33:30.0062 3660 ALG - ok
17:33:30.0077 3660 AliIde - ok
17:33:30.0077 3660 amsint - ok
17:33:30.0156 3660 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
17:33:30.0156 3660 AntiVirSchedulerService - ok
17:33:30.0187 3660 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
17:33:30.0187 3660 AntiVirService - ok
17:33:30.0218 3660 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:33:30.0218 3660 AppMgmt - ok
17:33:30.0234 3660 asc - ok
17:33:30.0234 3660 asc3350p - ok
17:33:30.0234 3660 asc3550 - ok
17:33:30.0312 3660 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:33:30.0312 3660 aspnet_state - ok
17:33:30.0327 3660 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:33:30.0327 3660 AsyncMac - ok
17:33:30.0327 3660 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:33:30.0343 3660 atapi - ok
17:33:30.0343 3660 Atdisk - ok
17:33:30.0343 3660 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:33:30.0343 3660 Atmarpc - ok
17:33:30.0359 3660 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:33:30.0359 3660 AudioSrv - ok
17:33:30.0390 3660 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:33:30.0390 3660 audstub - ok
17:33:30.0406 3660 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:33:30.0406 3660 avgntflt - ok
17:33:30.0999 3660 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:33:31.0077 3660 avipbb - ok
17:33:31.0109 3660 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:33:31.0109 3660 avkmgr - ok
17:33:31.0140 3660 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:33:31.0140 3660 Beep - ok
17:33:31.0202 3660 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
17:33:31.0202 3660 BITS - ok
17:33:31.0234 3660 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
17:33:31.0234 3660 Browser - ok
17:33:31.0265 3660 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:33:31.0265 3660 cbidf2k - ok
17:33:31.0281 3660 cd20xrnt - ok
17:33:31.0281 3660 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:33:31.0281 3660 Cdaudio - ok
17:33:31.0327 3660 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:33:31.0327 3660 Cdfs - ok
17:33:31.0343 3660 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:33:31.0343 3660 Cdrom - ok
17:33:31.0390 3660 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] cisvc C:\WINDOWS\System32\cisvc.exe
17:33:31.0390 3660 cisvc - ok
17:33:31.0406 3660 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:33:31.0421 3660 ClipSrv - ok
17:33:31.0452 3660 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:33:31.0452 3660 clr_optimization_v2.0.50727_32 - ok
17:33:31.0531 3660 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:33:31.0531 3660 clr_optimization_v4.0.30319_32 - ok
17:33:31.0562 3660 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:33:31.0562 3660 CmBatt - ok
17:33:31.0562 3660 CmdIde - ok
17:33:31.0577 3660 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:33:31.0577 3660 Compbatt - ok
17:33:31.0577 3660 COMSysApp - ok
17:33:31.0593 3660 Cpqarray - ok
17:33:31.0609 3660 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:33:31.0609 3660 CryptSvc - ok
17:33:31.0624 3660 dac2w2k - ok
17:33:31.0624 3660 dac960nt - ok
17:33:31.0671 3660 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:33:31.0671 3660 DcomLaunch - ok
17:33:31.0687 3660 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:33:31.0687 3660 Dhcp - ok
17:33:31.0687 3660 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:33:31.0702 3660 Disk - ok
17:33:31.0702 3660 dmadmin - ok
17:33:31.0718 3660 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:33:31.0734 3660 dmboot - ok
17:33:31.0765 3660 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:33:31.0765 3660 dmio - ok
17:33:31.0781 3660 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:33:31.0781 3660 dmload - ok
17:33:31.0812 3660 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:33:31.0812 3660 dmserver - ok
17:33:31.0859 3660 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:33:31.0859 3660 DMusic - ok
17:33:31.0890 3660 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:33:31.0890 3660 Dnscache - ok
17:33:31.0921 3660 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:33:31.0921 3660 Dot3svc - ok
17:33:31.0937 3660 dpti2o - ok
17:33:31.0937 3660 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:33:31.0937 3660 drmkaud - ok
17:33:31.0952 3660 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:33:31.0952 3660 EapHost - ok
17:33:31.0968 3660 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:33:31.0984 3660 ERSvc - ok
17:33:32.0015 3660 [ A55DD7D8CED5D2624A9EE2DDA7BE0319 ] es1371 C:\WINDOWS\system32\drivers\es1371mp.sys
17:33:32.0015 3660 es1371 - ok
17:33:32.0046 3660 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
17:33:32.0046 3660 Eventlog - ok
17:33:32.0077 3660 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\System32\es.dll
17:33:32.0077 3660 EventSystem - ok
17:33:32.0109 3660 [ 9F8D1120E72C627BB2549B0424D2BD9A ] Ext2Fsd C:\WINDOWS\system32\drivers\Ext2Fsd.sys
17:33:32.0124 3660 Ext2Fsd - ok
17:33:32.0124 3660 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:33:32.0140 3660 Fastfat - ok
17:33:32.0171 3660 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:33:32.0171 3660 FastUserSwitchingCompatibility - ok
17:33:32.0187 3660 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
17:33:32.0187 3660 Fdc - ok
17:33:32.0187 3660 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:33:32.0187 3660 Fips - ok
17:33:32.0202 3660 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:33:32.0202 3660 Flpydisk - ok
17:33:32.0218 3660 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:33:32.0218 3660 FltMgr - ok
17:33:32.0343 3660 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:33:32.0343 3660 FontCache3.0.0.0 - ok
17:33:32.0359 3660 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:33:32.0359 3660 Fs_Rec - ok
17:33:32.0390 3660 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:33:32.0390 3660 Ftdisk - ok
17:33:32.0406 3660 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:33:32.0406 3660 gameenum - ok
17:33:32.0406 3660 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:33:32.0406 3660 Gpc - ok
17:33:32.0468 3660 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:33:32.0468 3660 helpsvc - ok
17:33:32.0484 3660 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:33:32.0484 3660 HidUsb - ok
17:33:32.0531 3660 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:33:32.0531 3660 hkmsvc - ok
17:33:32.0531 3660 hpn - ok
17:33:32.0531 3660 hpt3xx - ok
17:33:32.0577 3660 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:33:32.0577 3660 HTTP - ok
17:33:32.0593 3660 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:33:32.0593 3660 HTTPFilter - ok
17:33:32.0593 3660 i2omp - ok
17:33:32.0624 3660 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:33:32.0624 3660 i8042prt - ok
17:33:32.0781 3660 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:33:32.0781 3660 idsvc - ok
17:33:32.0812 3660 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:33:32.0812 3660 Imapi - ok
17:33:32.0843 3660 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\System32\imapi.exe
17:33:32.0843 3660 ImapiService - ok
17:33:32.0843 3660 ini910u - ok
17:33:32.0859 3660 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
17:33:32.0859 3660 IntelIde - ok
17:33:32.0890 3660 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:33:32.0890 3660 intelppm - ok
17:33:32.0921 3660 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:33:32.0921 3660 ip6fw - ok
17:33:32.0952 3660 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:33:32.0968 3660 IpFilterDriver - ok
17:33:32.0968 3660 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:33:32.0968 3660 IpInIp - ok
17:33:32.0984 3660 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:33:32.0984 3660 IpNat - ok
17:33:32.0984 3660 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:33:32.0999 3660 IPSec - ok
17:33:32.0999 3660 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:33:32.0999 3660 IRENUM - ok
17:33:33.0015 3660 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:33:33.0015 3660 isapnp - ok
17:33:33.0093 3660 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
17:33:33.0093 3660 JavaQuickStarterService - ok
17:33:33.0109 3660 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:33:33.0109 3660 Kbdclass - ok
17:33:33.0124 3660 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:33:33.0124 3660 kmixer - ok
17:33:33.0156 3660 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:33:33.0156 3660 KSecDD - ok
17:33:33.0187 3660 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:33:33.0187 3660 lanmanserver - ok
17:33:33.0218 3660 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:33:33.0218 3660 lanmanworkstation - ok
17:33:33.0249 3660 [ E6BECE8B315BBE2148EFB742B5EF06F2 ] LGTO_Sync C:\WINDOWS\System32\Drivers\lgtosync.sys
17:33:33.0249 3660 LGTO_Sync - ok
17:33:33.0296 3660 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:33:33.0296 3660 LmHosts - ok
17:33:33.0312 3660 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
17:33:33.0312 3660 MBAMProtector - ok
17:33:33.0359 3660 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:33:33.0359 3660 MBAMService - ok
17:33:33.0374 3660 MBAMSwissArmy - ok
17:33:33.0390 3660 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:33:33.0406 3660 Messenger - ok
17:33:33.0437 3660 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:33:33.0437 3660 mnmdd - ok
17:33:33.0468 3660 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
17:33:33.0468 3660 mnmsrvc - ok
17:33:33.0499 3660 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:33:33.0499 3660 Modem - ok
17:33:33.0499 3660 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:33:33.0499 3660 Mouclass - ok
17:33:33.0531 3660 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:33:33.0531 3660 mouhid - ok
17:33:33.0546 3660 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:33:33.0546 3660 MountMgr - ok
17:33:33.0593 3660 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
17:33:33.0593 3660 MozillaMaintenance - ok
17:33:33.0593 3660 mraid35x - ok
17:33:33.0609 3660 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:33:33.0609 3660 MRxDAV - ok
17:33:33.0656 3660 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:33:33.0656 3660 MRxSmb - ok
17:33:33.0687 3660 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\System32\msdtc.exe
17:33:33.0687 3660 MSDTC - ok
17:33:33.0702 3660 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:33:33.0702 3660 Msfs - ok
17:33:33.0718 3660 MSIServer - ok
17:33:33.0718 3660 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:33:33.0718 3660 MSKSSRV - ok
17:33:33.0718 3660 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:33:33.0718 3660 MSPCLOCK - ok
17:33:33.0734 3660 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:33:33.0734 3660 MSPQM - ok
17:33:33.0765 3660 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:33:33.0765 3660 mssmbios - ok
17:33:33.0796 3660 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:33:33.0796 3660 Mup - ok
17:33:33.0843 3660 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
17:33:33.0843 3660 napagent - ok
17:33:33.0906 3660 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:33:33.0906 3660 NDIS - ok
17:33:33.0921 3660 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:33:33.0921 3660 NdisTapi - ok
17:33:33.0921 3660 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:33:33.0921 3660 Ndisuio - ok
17:33:33.0937 3660 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:33:33.0937 3660 NdisWan - ok
17:33:33.0952 3660 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:33:33.0952 3660 NDProxy - ok
17:33:33.0952 3660 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:33:33.0968 3660 NetBIOS - ok
17:33:33.0999 3660 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
17:33:33.0999 3660 NetDDE - ok
17:33:33.0999 3660 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:33:33.0999 3660 NetDDEdsdm - ok
17:33:34.0031 3660 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\System32\lsass.exe
17:33:34.0031 3660 Netlogon - ok
17:33:34.0046 3660 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
17:33:34.0046 3660 Netman - ok
17:33:34.0093 3660 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:33:34.0093 3660 NetTcpPortSharing - ok
17:33:34.0109 3660 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
17:33:34.0124 3660 Nla - ok
17:33:34.0124 3660 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:33:34.0124 3660 Npfs - ok
17:33:34.0140 3660 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:33:34.0140 3660 Ntfs - ok
17:33:34.0156 3660 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
17:33:34.0156 3660 NtLmSsp - ok
17:33:34.0171 3660 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:33:34.0187 3660 NtmsSvc - ok
17:33:34.0187 3660 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:33:34.0187 3660 Null - ok
17:33:34.0218 3660 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:33:34.0218 3660 NwlnkFlt - ok
17:33:34.0218 3660 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:33:34.0234 3660 NwlnkFwd - ok
17:33:34.0249 3660 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
17:33:34.0249 3660 Parport - ok
17:33:34.0249 3660 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:33:34.0249 3660 PartMgr - ok
17:33:34.0281 3660 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:33:34.0281 3660 ParVdm - ok
17:33:34.0296 3660 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:33:34.0296 3660 PCI - ok
17:33:34.0296 3660 PCIIde - ok
17:33:34.0312 3660 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:33:34.0312 3660 Pcmcia - ok
17:33:34.0359 3660 [ 7BC8027D56FAB153A987C56AE9835664 ] PCnet C:\WINDOWS\system32\DRIVERS\pcntpci5.sys
17:33:34.0359 3660 PCnet - ok
17:33:34.0359 3660 perc2 - ok
17:33:34.0359 3660 perc2hib - ok
17:33:34.0421 3660 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
17:33:34.0421 3660 PlugPlay - ok
17:33:34.0437 3660 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
17:33:34.0437 3660 PolicyAgent - ok
17:33:34.0468 3660 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:33:34.0468 3660 PptpMiniport - ok
17:33:34.0515 3660 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:33:34.0515 3660 Processor - ok
17:33:34.0515 3660 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:33:34.0515 3660 ProtectedStorage - ok
17:33:34.0531 3660 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:33:34.0531 3660 PSched - ok
17:33:34.0546 3660 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:33:34.0546 3660 Ptilink - ok
17:33:34.0577 3660 [ 681AE4F1927FE0FDEEE2863F1684088D ] pwdrvio C:\WINDOWS\system32\pwdrvio.sys
17:33:34.0577 3660 pwdrvio - ok
17:33:34.0593 3660 [ BC60895CE021309EBD887D2F22055654 ] pwdspio C:\WINDOWS\system32\pwdspio.sys
17:33:34.0593 3660 pwdspio - ok
17:33:34.0609 3660 ql1080 - ok
17:33:34.0609 3660 Ql10wnt - ok
17:33:34.0609 3660 ql12160 - ok
17:33:34.0609 3660 ql1240 - ok
17:33:34.0609 3660 ql1280 - ok
17:33:34.0640 3660 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:33:34.0640 3660 RasAcd - ok
17:33:34.0656 3660 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:33:34.0656 3660 RasAuto - ok
17:33:34.0671 3660 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:33:34.0671 3660 Rasl2tp - ok
17:33:34.0687 3660 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:33:34.0702 3660 RasMan - ok
17:33:34.0702 3660 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:33:34.0702 3660 RasPppoe - ok
17:33:34.0718 3660 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:33:34.0718 3660 Raspti - ok
17:33:34.0734 3660 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:33:34.0734 3660 Rdbss - ok
17:33:34.0749 3660 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:33:34.0749 3660 RDPCDD - ok
17:33:34.0749 3660 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:33:34.0765 3660 rdpdr - ok
17:33:34.0796 3660 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:33:34.0796 3660 RDPWD - ok
17:33:34.0812 3660 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:33:34.0812 3660 RDSessMgr - ok
17:33:34.0812 3660 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:33:34.0812 3660 redbook - ok
17:33:34.0843 3660 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:33:34.0843 3660 RemoteAccess - ok
17:33:34.0859 3660 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:33:34.0859 3660 RemoteRegistry - ok
17:33:34.0874 3660 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\System32\locator.exe
17:33:34.0874 3660 RpcLocator - ok
17:33:34.0890 3660 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:33:34.0890 3660 RpcSs - ok
17:33:34.0921 3660 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\System32\rsvp.exe
17:33:34.0921 3660 RSVP - ok
17:33:34.0921 3660 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
17:33:34.0921 3660 SamSs - ok
17:33:34.0937 3660 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:33:34.0952 3660 SCardSvr - ok
17:33:34.0968 3660 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:33:34.0968 3660 Schedule - ok
17:33:34.0999 3660 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:33:34.0999 3660 Secdrv - ok
17:33:35.0015 3660 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
17:33:35.0015 3660 seclogon - ok
17:33:35.0031 3660 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
17:33:35.0031 3660 SENS - ok
17:33:35.0031 3660 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:33:35.0031 3660 serenum - ok
17:33:35.0046 3660 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:33:35.0046 3660 Serial - ok
17:33:35.0062 3660 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:33:35.0062 3660 Sfloppy - ok
17:33:35.0109 3660 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:33:35.0109 3660 SharedAccess - ok
17:33:35.0124 3660 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:33:35.0124 3660 ShellHWDetection - ok
17:33:35.0124 3660 Simbad - ok
17:33:35.0140 3660 Sparrow - ok
17:33:35.0156 3660 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:33:35.0156 3660 splitter - ok
17:33:35.0187 3660 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:33:35.0187 3660 Spooler - ok
17:33:35.0187 3660 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:33:35.0187 3660 sr - ok
17:33:35.0218 3660 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\System32\srsvc.dll
17:33:35.0218 3660 srservice - ok
17:33:35.0281 3660 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:33:35.0281 3660 Srv - ok
17:33:35.0327 3660 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:33:35.0327 3660 SSDPSRV - ok
17:33:35.0359 3660 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:33:35.0359 3660 ssmdrv - ok
17:33:35.0421 3660 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:33:35.0421 3660 stisvc - ok
17:33:35.0421 3660 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:33:35.0421 3660 swenum - ok
17:33:35.0468 3660 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:33:35.0468 3660 swmidi - ok
17:33:35.0484 3660 SwPrv - ok
17:33:35.0484 3660 symc810 - ok
17:33:35.0499 3660 symc8xx - ok
17:33:35.0499 3660 sym_hi - ok
17:33:35.0499 3660 sym_u3 - ok
17:33:35.0515 3660 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:33:35.0515 3660 sysaudio - ok
17:33:35.0546 3660 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:33:35.0546 3660 SysmonLog - ok
17:33:35.0562 3660 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:33:35.0577 3660 TapiSrv - ok
17:33:35.0593 3660 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:33:35.0609 3660 Tcpip - ok
17:33:35.0640 3660 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:33:35.0640 3660 TDPIPE - ok
17:33:35.0687 3660 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:33:35.0687 3660 TDTCP - ok
17:33:35.0687 3660 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:33:35.0687 3660 TermDD - ok
17:33:35.0702 3660 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
17:33:35.0718 3660 TermService - ok
17:33:35.0718 3660 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:33:35.0734 3660 Themes - ok
17:33:35.0796 3660 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
17:33:35.0796 3660 TlntSvr - ok
17:33:35.0796 3660 TosIde - ok
17:33:35.0859 3660 [ 318FECDB840272065BBB8D034749CB8A ] tpautoconnsvc C:\Programme\VMware\VMware Tools\TPAutoConnSvc.exe
17:33:35.0874 3660 tpautoconnsvc - ok
17:33:35.0874 3660 [ A2C4F995230DD11213BC465353E4C7A9 ] TPVCGateway C:\Programme\VMware\VMware Tools\TPVCGateway.exe
17:33:35.0890 3660 TPVCGateway - ok
17:33:35.0890 3660 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:33:35.0906 3660 TrkWks - ok
17:33:35.0921 3660 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:33:35.0921 3660 Udfs - ok
17:33:35.0937 3660 ultra - ok
17:33:35.0968 3660 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:33:35.0968 3660 Update - ok
17:33:36.0015 3660 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:33:36.0015 3660 upnphost - ok
17:33:36.0015 3660 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
17:33:36.0031 3660 UPS - ok
17:33:36.0031 3660 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:33:36.0031 3660 usbccgp - ok
17:33:36.0062 3660 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:33:36.0062 3660 usbehci - ok
17:33:36.0062 3660 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:33:36.0062 3660 usbhub - ok
17:33:36.0093 3660 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:33:36.0093 3660 USBSTOR - ok
17:33:36.0124 3660 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:33:36.0124 3660 usbuhci - ok
17:33:36.0124 3660 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:33:36.0140 3660 VgaSave - ok
17:33:36.0140 3660 ViaIde - ok
17:33:36.0140 3660 [ CF6E387851AB9166C3601FED101CA53D ] vmdebug C:\WINDOWS\system32\Drivers\vmdebug.sys
17:33:36.0140 3660 vmdebug - ok
17:33:36.0187 3660 [ 2BD36852A877C6B6B0F8320E88FCFD95 ] vmhgfs C:\WINDOWS\system32\DRIVERS\vmhgfs.sys
17:33:36.0187 3660 vmhgfs - ok
17:33:36.0202 3660 [ 1E9F3624B188A0EA23D508895C8D841D ] VMMEMCTL C:\Programme\VMware\VMware Tools\Drivers\memctl\vmmemctl.sys
17:33:36.0202 3660 VMMEMCTL - ok
17:33:36.0218 3660 [ 794D1672CAF56DBB6479D943F7CA1286 ] vmmouse C:\WINDOWS\system32\DRIVERS\vmmouse.sys
17:33:36.0218 3660 vmmouse - ok
17:33:36.0234 3660 [ 19754658F7958E31F00F0227F87DAF1D ] vmscsi C:\WINDOWS\system32\DRIVERS\vmscsi.sys
17:33:36.0234 3660 vmscsi - ok
17:33:36.0234 3660 [ 10251901F16560AC4009F078DAAB5A99 ] VMTools C:\Programme\VMware\VMware Tools\vmtoolsd.exe
17:33:36.0234 3660 VMTools - ok
17:33:36.0249 3660 [ F70284882D8219D6EC07CC6431E04E18 ] VMUpgradeHelper C:\Programme\VMware\VMware Tools\VMUpgradeHelper.exe
17:33:36.0249 3660 VMUpgradeHelper - ok
17:33:36.0296 3660 [ 658EFFF4A90321F92B6AC180C25100A9 ] VMware Physical Disk Helper Service C:\Programme\VMware\VMware Tools\vmacthlp.exe
17:33:36.0296 3660 VMware Physical Disk Helper Service - ok
17:33:36.0327 3660 [ A4D4A2273B7CD427D70B74EF70035F54 ] vmxnet C:\WINDOWS\system32\DRIVERS\vmxnet.sys
17:33:36.0327 3660 vmxnet - ok
17:33:36.0327 3660 [ 4319450CF04D2EAF4F80F1EF53628AFF ] vmx_svga C:\WINDOWS\system32\DRIVERS\vmx_svga.sys
17:33:36.0327 3660 vmx_svga - ok
17:33:36.0343 3660 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:33:36.0343 3660 VolSnap - ok
17:33:36.0390 3660 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
17:33:36.0406 3660 VSS - ok
17:33:36.0421 3660 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\System32\w32time.dll
17:33:36.0421 3660 W32Time - ok
17:33:36.0468 3660 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:33:36.0468 3660 Wanarp - ok
17:33:36.0499 3660 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:33:36.0499 3660 wdmaud - ok
17:33:36.0531 3660 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:33:36.0531 3660 WebClient - ok
17:33:36.0609 3660 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:33:36.0624 3660 winmgmt - ok
17:33:36.0718 3660 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
17:33:36.0734 3660 WinRM - ok
17:33:36.0781 3660 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:33:36.0781 3660 WmdmPmSN - ok
17:33:37.0234 3660 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
17:33:37.0249 3660 Wmi - ok
17:33:37.0312 3660 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
17:33:37.0312 3660 WmiApSrv - ok
17:33:37.0468 3660 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
17:33:37.0468 3660 WMPNetworkSvc - ok
17:33:37.0624 3660 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:33:37.0624 3660 WPFFontCache_v0400 - ok
17:33:37.0656 3660 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:33:37.0656 3660 WS2IFSL - ok
17:33:37.0656 3660 WSearch - ok
17:33:37.0702 3660 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:33:37.0702 3660 wuauserv - ok
17:33:37.0718 3660 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:33:37.0734 3660 WudfPf - ok
17:33:37.0765 3660 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:33:37.0765 3660 WudfRd - ok
17:33:37.0812 3660 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:33:37.0812 3660 WudfSvc - ok
17:33:37.0874 3660 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:33:37.0890 3660 WZCSVC - ok
17:33:37.0937 3660 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:33:37.0937 3660 xmlprov - ok
17:33:37.0937 3660 ================ Scan global ===============================
17:33:37.0968 3660 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
17:33:37.0999 3660 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
17:33:38.0015 3660 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
17:33:38.0031 3660 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
17:33:38.0031 3660 [Global] - ok
17:33:38.0031 3660 ================ Scan MBR ==================================
17:33:38.0062 3660 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
17:33:38.0327 3660 \Device\Harddisk0\DR0 - ok
17:33:38.0327 3660 ================ Scan VBR ==================================
17:33:38.0327 3660 [ F08CA7A62FCC66661FA1BC23ECBFB8D7 ] \Device\Harddisk0\DR0\Partition1
17:33:38.0327 3660 \Device\Harddisk0\DR0\Partition1 - ok
17:33:38.0327 3660 ============================================================
17:33:38.0327 3660 Scan finished
17:33:38.0327 3660 ============================================================
17:33:38.0327 1692 Detected object count: 0
17:33:38.0327 1692 Actual detected object count: 0
17:35:08.0531 3880 ============================================================
17:35:08.0531 3880 Scan started
17:35:08.0531 3880 Mode: Manual; SigCheck; TDLFS;
17:35:08.0531 3880 ============================================================
17:35:08.0687 3880 ================ Scan system memory ========================
17:35:08.0687 3880 System memory - ok
17:35:08.0687 3880 ================ Scan services =============================
17:35:08.0781 3880 Abiosdsk - ok
17:35:08.0781 3880 abp480n5 - ok
17:35:08.0812 3880 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:35:09.0937 3880 ACPI - ok
17:35:09.0968 3880 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:35:10.0093 3880 ACPIEC - ok
17:35:10.0093 3880 adpu160m - ok
17:35:10.0124 3880 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:35:10.0218 3880 aec - ok
17:35:10.0249 3880 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:35:10.0281 3880 AFD - ok
17:35:10.0312 3880 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
17:35:10.0437 3880 agp440 - ok
17:35:10.0452 3880 Aha154x - ok
17:35:10.0452 3880 aic78u2 - ok
17:35:10.0452 3880 aic78xx - ok
17:35:10.0484 3880 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:35:10.0577 3880 Alerter - ok
17:35:10.0593 3880 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
17:35:10.0687 3880 ALG - ok
17:35:10.0702 3880 AliIde - ok
17:35:10.0702 3880 amsint - ok
17:35:10.0781 3880 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
17:35:10.0812 3880 AntiVirSchedulerService - ok
17:35:10.0843 3880 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
17:35:10.0859 3880 AntiVirService - ok
17:35:10.0906 3880 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:35:11.0046 3880 AppMgmt - ok
17:35:11.0046 3880 asc - ok
17:35:11.0046 3880 asc3350p - ok
17:35:11.0062 3880 asc3550 - ok
17:35:11.0124 3880 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:35:11.0140 3880 aspnet_state - ok
17:35:11.0156 3880 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:35:11.0265 3880 AsyncMac - ok
17:35:11.0265 3880 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:35:11.0359 3880 atapi - ok
17:35:11.0359 3880 Atdisk - ok
17:35:11.0374 3880 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:35:11.0484 3880 Atmarpc - ok
17:35:11.0515 3880 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:35:11.0593 3880 AudioSrv - ok
17:35:11.0640 3880 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:35:11.0749 3880 audstub - ok
17:35:11.0749 3880 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:35:11.0781 3880 avgntflt - ok
17:35:11.0812 3880 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:35:11.0827 3880 avipbb - ok
17:35:11.0859 3880 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:35:11.0874 3880 avkmgr - ok
17:35:11.0906 3880 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:35:11.0999 3880 Beep - ok
17:35:12.0046 3880 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
17:35:12.0156 3880 BITS - ok
17:35:12.0187 3880 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
17:35:12.0234 3880 Browser - ok
17:35:12.0249 3880 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:35:12.0374 3880 cbidf2k - ok
17:35:12.0374 3880 cd20xrnt - ok
17:35:12.0390 3880 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:35:12.0484 3880 Cdaudio - ok
17:35:12.0499 3880 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:35:12.0593 3880 Cdfs - ok
17:35:12.0640 3880 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:35:12.0765 3880 Cdrom - ok
17:35:12.0781 3880 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] cisvc C:\WINDOWS\System32\cisvc.exe
17:35:12.0874 3880 cisvc - ok
17:35:12.0890 3880 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:35:12.0984 3880 ClipSrv - ok
17:35:13.0015 3880 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:35:13.0031 3880 clr_optimization_v2.0.50727_32 - ok
17:35:13.0077 3880 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:35:13.0077 3880 clr_optimization_v4.0.30319_32 - ok
17:35:13.0093 3880 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:35:13.0171 3880 CmBatt - ok
17:35:13.0187 3880 CmdIde - ok
17:35:13.0202 3880 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:35:13.0281 3880 Compbatt - ok
17:35:13.0296 3880 COMSysApp - ok
17:35:13.0296 3880 Cpqarray - ok
17:35:13.0312 3880 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:35:13.0406 3880 CryptSvc - ok
17:35:13.0406 3880 dac2w2k - ok
17:35:13.0406 3880 dac960nt - ok
17:35:13.0437 3880 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:35:13.0484 3880 DcomLaunch - ok
17:35:13.0515 3880 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:35:13.0671 3880 Dhcp - ok
17:35:13.0671 3880 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:35:13.0781 3880 Disk - ok
17:35:13.0781 3880 dmadmin - ok
17:35:13.0796 3880 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:35:13.0921 3880 dmboot - ok
17:35:13.0937 3880 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:35:14.0031 3880 dmio - ok
17:35:14.0062 3880 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:35:14.0171 3880 dmload - ok
17:35:14.0187 3880 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:35:14.0281 3880 dmserver - ok
17:35:14.0296 3880 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:35:14.0390 3880 DMusic - ok
17:35:14.0421 3880 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:35:14.0468 3880 Dnscache - ok
17:35:14.0499 3880 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:35:14.0577 3880 Dot3svc - ok
17:35:14.0593 3880 dpti2o - ok
17:35:14.0593 3880 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:35:14.0687 3880 drmkaud - ok
17:35:14.0702 3880 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:35:14.0781 3880 EapHost - ok
17:35:14.0812 3880 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:35:14.0906 3880 ERSvc - ok
17:35:14.0937 3880 [ A55DD7D8CED5D2624A9EE2DDA7BE0319 ] es1371 C:\WINDOWS\system32\drivers\es1371mp.sys
17:35:15.0031 3880 es1371 - ok
17:35:15.0046 3880 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
17:35:15.0077 3880 Eventlog - ok
17:35:15.0093 3880 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\System32\es.dll
17:35:15.0140 3880 EventSystem - ok
17:35:15.0187 3880 [ 9F8D1120E72C627BB2549B0424D2BD9A ] Ext2Fsd C:\WINDOWS\system32\drivers\Ext2Fsd.sys
17:35:15.0202 3880 Ext2Fsd ( UnsignedFile.Multi.Generic ) - warning
17:35:15.0202 3880 Ext2Fsd - detected UnsignedFile.Multi.Generic (1)
17:35:15.0218 3880 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:35:15.0343 3880 Fastfat - ok
17:35:15.0359 3880 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:35:15.0390 3880 FastUserSwitchingCompatibility - ok
17:35:15.0406 3880 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
17:35:15.0484 3880 Fdc - ok
17:35:15.0499 3880 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:35:15.0593 3880 Fips - ok
17:35:15.0609 3880 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:35:15.0687 3880 Flpydisk - ok
17:35:15.0718 3880 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:35:15.0796 3880 FltMgr - ok
17:35:15.0859 3880 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:35:15.0874 3880 FontCache3.0.0.0 - ok
17:35:15.0874 3880 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:35:15.0984 3880 Fs_Rec - ok
17:35:15.0984 3880 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:35:16.0109 3880 Ftdisk - ok
17:35:16.0124 3880 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:35:16.0202 3880 gameenum - ok
17:35:16.0218 3880 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:35:16.0296 3880 Gpc - ok
17:35:16.0343 3880 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:35:16.0437 3880 helpsvc - ok
17:35:16.0452 3880 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:35:16.0531 3880 HidUsb - ok
17:35:16.0562 3880 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:35:16.0671 3880 hkmsvc - ok
17:35:16.0671 3880 hpn - ok
17:35:16.0671 3880 hpt3xx - ok
17:35:16.0702 3880 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:35:16.0734 3880 HTTP - ok
17:35:16.0781 3880 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:35:16.0874 3880 HTTPFilter - ok
17:35:16.0890 3880 i2omp - ok
17:35:16.0906 3880 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:35:17.0015 3880 i8042prt - ok
17:35:17.0156 3880 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:35:17.0202 3880 idsvc - ok
17:35:17.0218 3880 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:35:17.0296 3880 Imapi - ok
17:35:17.0327 3880 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\System32\imapi.exe
17:35:17.0421 3880 ImapiService - ok
17:35:17.0421 3880 ini910u - ok
17:35:17.0421 3880 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
17:35:17.0515 3880 IntelIde - ok
17:35:17.0546 3880 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:35:17.0624 3880 intelppm - ok
17:35:17.0656 3880 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:35:17.0749 3880 ip6fw - ok
17:35:17.0796 3880 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:35:17.0890 3880 IpFilterDriver - ok
17:35:17.0906 3880 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:35:17.0999 3880 IpInIp - ok
17:35:18.0015 3880 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:35:18.0093 3880 IpNat - ok
17:35:18.0109 3880 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:35:18.0187 3880 IPSec - ok
17:35:18.0202 3880 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:35:18.0296 3880 IRENUM - ok
17:35:18.0296 3880 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:35:18.0390 3880 isapnp - ok
17:35:18.0452 3880 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
17:35:18.0468 3880 JavaQuickStarterService - ok
17:35:18.0468 3880 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:35:18.0546 3880 Kbdclass - ok
17:35:18.0562 3880 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:35:18.0656 3880 kmixer - ok
17:35:18.0702 3880 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:35:18.0890 3880 KSecDD - ok
17:35:18.0921 3880 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:35:18.0937 3880 lanmanserver - ok
17:35:18.0968 3880 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:35:19.0015 3880 lanmanworkstation - ok
17:35:19.0046 3880 [ E6BECE8B315BBE2148EFB742B5EF06F2 ] LGTO_Sync C:\WINDOWS\System32\Drivers\lgtosync.sys
17:35:19.0062 3880 LGTO_Sync - ok
17:35:19.0109 3880 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:35:19.0234 3880 LmHosts - ok
17:35:19.0249 3880 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
17:35:19.0265 3880 MBAMProtector - ok
17:35:19.0296 3880 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:35:19.0327 3880 MBAMService - ok
17:35:19.0343 3880 MBAMSwissArmy - ok
17:35:19.0359 3880 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:35:19.0452 3880 Messenger - ok
17:35:19.0484 3880 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:35:19.0577 3880 mnmdd - ok
17:35:19.0593 3880 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
17:35:19.0687 3880 mnmsrvc - ok
17:35:19.0718 3880 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:35:19.0796 3880 Modem - ok
17:35:19.0843 3880 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:35:19.0921 3880 Mouclass - ok
17:35:19.0952 3880 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:35:20.0046 3880 mouhid - ok
17:35:20.0062 3880 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:35:20.0156 3880 MountMgr - ok
17:35:20.0202 3880 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
17:35:20.0202 3880 MozillaMaintenance - ok
17:35:20.0218 3880 mraid35x - ok
17:35:20.0218 3880 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:35:20.0296 3880 MRxDAV - ok
17:35:20.0343 3880 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:35:20.0437 3880 MRxSmb - ok
17:35:20.0468 3880 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\System32\msdtc.exe
17:35:20.0562 3880 MSDTC - ok
17:35:20.0577 3880 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:35:20.0671 3880 Msfs - ok
17:35:20.0671 3880 MSIServer - ok
17:35:20.0671 3880 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:35:20.0765 3880 MSKSSRV - ok
17:35:20.0765 3880 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:35:20.0859 3880 MSPCLOCK - ok
17:35:20.0859 3880 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:35:20.0952 3880 MSPQM - ok
17:35:20.0984 3880 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:35:21.0062 3880 mssmbios - ok
17:35:21.0077 3880 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:35:21.0109 3880 Mup - ok
17:35:21.0124 3880 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
17:35:21.0218 3880 napagent - ok
17:35:21.0249 3880 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:35:21.0327 3880 NDIS - ok
17:35:21.0343 3880 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:35:21.0390 3880 NdisTapi - ok
17:35:21.0406 3880 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:35:21.0499 3880 Ndisuio - ok
17:35:21.0499 3880 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:35:21.0577 3880 NdisWan - ok
17:35:21.0593 3880 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:35:21.0656 3880 NDProxy - ok
17:35:21.0656 3880 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:35:21.0749 3880 NetBIOS - ok
17:35:21.0749 3880 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
17:35:21.0843 3880 NetDDE - ok
17:35:21.0843 3880 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:35:21.0937 3880 NetDDEdsdm - ok
17:35:21.0968 3880 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\System32\lsass.exe
17:35:22.0046 3880 Netlogon - ok
17:35:22.0062 3880 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
17:35:22.0156 3880 Netman - ok
17:35:22.0202 3880 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:35:22.0202 3880 NetTcpPortSharing - ok
17:35:22.0234 3880 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
17:35:22.0234 3880 Nla - ok
17:35:22.0249 3880 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:35:22.0327 3880 Npfs - ok
17:35:22.0359 3880 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:35:22.0499 3880 Ntfs - ok
17:35:22.0499 3880 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
17:35:22.0593 3880 NtLmSsp - ok
17:35:22.0624 3880 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:35:22.0718 3880 NtmsSvc - ok
17:35:22.0734 3880 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:35:22.0827 3880 Null - ok
17:35:22.0859 3880 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:35:22.0952 3880 NwlnkFlt - ok
17:35:22.0968 3880 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:35:23.0062 3880 NwlnkFwd - ok
17:35:23.0077 3880 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
17:35:23.0171 3880 Parport - ok
17:35:23.0187 3880 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:35:23.0265 3880 PartMgr - ok
17:35:23.0296 3880 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:35:23.0406 3880 ParVdm - ok
17:35:23.0406 3880 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:35:23.0499 3880 PCI - ok
17:35:23.0499 3880 PCIIde - ok
17:35:23.0515 3880 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:35:23.0593 3880 Pcmcia - ok
17:35:23.0624 3880 [ 7BC8027D56FAB153A987C56AE9835664 ] PCnet C:\WINDOWS\system32\DRIVERS\pcntpci5.sys
17:35:23.0718 3880 PCnet - ok
17:35:23.0734 3880 perc2 - ok
17:35:23.0734 3880 perc2hib - ok
17:35:23.0734 3880 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
17:35:23.0749 3880 PlugPlay - ok
17:35:23.0749 3880 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
17:35:23.0843 3880 PolicyAgent - ok
17:35:23.0874 3880 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:35:23.0968 3880 PptpMiniport - ok
17:35:23.0984 3880 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:35:24.0062 3880 Processor - ok
17:35:24.0077 3880 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:35:24.0171 3880 ProtectedStorage - ok
17:35:24.0171 3880 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:35:24.0265 3880 PSched - ok
17:35:24.0281 3880 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:35:24.0406 3880 Ptilink - ok
17:35:24.0437 3880 [ 681AE4F1927FE0FDEEE2863F1684088D ] pwdrvio C:\WINDOWS\system32\pwdrvio.sys
17:35:24.0452 3880 pwdrvio - ok
17:35:24.0468 3880 [ BC60895CE021309EBD887D2F22055654 ] pwdspio C:\WINDOWS\system32\pwdspio.sys
17:35:24.0468 3880 pwdspio - ok
17:35:24.0484 3880 ql1080 - ok
17:35:24.0484 3880 Ql10wnt - ok
17:35:24.0484 3880 ql12160 - ok
17:35:24.0484 3880 ql1240 - ok
17:35:24.0499 3880 ql1280 - ok
17:35:24.0499 3880 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:35:24.0593 3880 RasAcd - ok
17:35:24.0640 3880 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:35:24.0765 3880 RasAuto - ok
17:35:24.0796 3880 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:35:24.0906 3880 Rasl2tp - ok
17:35:24.0952 3880 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:35:25.0046 3880 RasMan - ok
17:35:25.0046 3880 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:35:25.0140 3880 RasPppoe - ok
17:35:25.0140 3880 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:35:25.0265 3880 Raspti - ok
17:35:25.0281 3880 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:35:25.0374 3880 Rdbss - ok
17:35:25.0374 3880 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:35:25.0484 3880 RDPCDD - ok
17:35:25.0484 3880 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:35:25.0577 3880 rdpdr - ok
17:35:25.0609 3880 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:35:25.0656 3880 RDPWD - ok
17:35:25.0671 3880 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:35:25.0765 3880 RDSessMgr - ok
17:35:25.0781 3880 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:35:25.0859 3880 redbook - ok
17:35:25.0890 3880 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:35:25.0984 3880 RemoteAccess - ok
17:35:25.0999 3880 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:35:26.0077 3880 RemoteRegistry - ok
17:35:26.0093 3880 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\System32\locator.exe
17:35:26.0171 3880 RpcLocator - ok
17:35:26.0202 3880 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:35:26.0218 3880 RpcSs - ok
17:35:26.0234 3880 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\System32\rsvp.exe
17:35:26.0327 3880 RSVP - ok
17:35:26.0343 3880 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
17:35:26.0437 3880 SamSs - ok
17:35:26.0452 3880 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:35:26.0531 3880 SCardSvr - ok
17:35:26.0546 3880 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:35:26.0640 3880 Schedule - ok
17:35:26.0656 3880 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:35:26.0734 3880 Secdrv - ok
17:35:26.0765 3880 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
17:35:26.0843 3880 seclogon - ok
17:35:26.0859 3880 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
17:35:26.0937 3880 SENS - ok
17:35:26.0952 3880 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:35:27.0031 3880 serenum - ok
17:35:27.0046 3880 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:35:27.0124 3880 Serial - ok
17:35:27.0156 3880 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:35:27.0249 3880 Sfloppy - ok
17:35:27.0296 3880 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:35:27.0390 3880 SharedAccess - ok
17:35:27.0406 3880 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:35:27.0421 3880 ShellHWDetection - ok
17:35:27.0421 3880 Simbad - ok
17:35:27.0437 3880 Sparrow - ok
17:35:27.0452 3880 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:35:27.0546 3880 splitter - ok
17:35:27.0562 3880 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:35:27.0577 3880 Spooler - ok
17:35:27.0593 3880 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:35:27.0687 3880 sr - ok
17:35:27.0702 3880 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\System32\srsvc.dll
17:35:27.0796 3880 srservice - ok
17:35:27.0812 3880 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:35:27.0874 3880 Srv - ok
17:35:27.0890 3880 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:35:27.0968 3880 SSDPSRV - ok
17:35:27.0999 3880 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:35:28.0015 3880 ssmdrv - ok
17:35:28.0046 3880 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:35:28.0202 3880 stisvc - ok
17:35:28.0234 3880 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:35:28.0327 3880 swenum - ok
17:35:28.0343 3880 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:35:28.0421 3880 swmidi - ok
17:35:28.0437 3880 SwPrv - ok
17:35:28.0437 3880 symc810 - ok
17:35:28.0437 3880 symc8xx - ok
17:35:28.0452 3880 sym_hi - ok
17:35:28.0452 3880 sym_u3 - ok
17:35:28.0468 3880 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:35:28.0562 3880 sysaudio - ok
17:35:28.0593 3880 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:35:28.0687 3880 SysmonLog - ok
17:35:28.0718 3880 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:35:28.0812 3880 TapiSrv - ok
17:35:28.0843 3880 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:35:28.0859 3880 Tcpip - ok
17:35:28.0890 3880 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:35:28.0984 3880 TDPIPE - ok
17:35:28.0984 3880 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:35:29.0077 3880 TDTCP - ok
17:35:29.0093 3880 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:35:29.0171 3880 TermDD - ok
17:35:29.0187 3880 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
17:35:29.0281 3880 TermService - ok
17:35:29.0296 3880 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:35:29.0312 3880 Themes - ok
17:35:29.0343 3880 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
17:35:29.0437 3880 TlntSvr - ok
17:35:29.0437 3880 TosIde - ok
17:35:29.0484 3880 [ 318FECDB840272065BBB8D034749CB8A ] tpautoconnsvc C:\Programme\VMware\VMware Tools\TPAutoConnSvc.exe
17:35:29.0499 3880 tpautoconnsvc - ok
17:35:29.0499 3880 [ A2C4F995230DD11213BC465353E4C7A9 ] TPVCGateway C:\Programme\VMware\VMware Tools\TPVCGateway.exe
17:35:29.0531 3880 TPVCGateway - ok
17:35:29.0531 3880 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:35:29.0624 3880 TrkWks - ok
17:35:29.0656 3880 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:35:29.0734 3880 Udfs - ok
17:35:29.0749 3880 ultra - ok
17:35:29.0781 3880 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:35:29.0874 3880 Update - ok
17:35:29.0890 3880 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:35:29.0999 3880 upnphost - ok
17:35:29.0999 3880 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
17:35:30.0093 3880 UPS - ok
17:35:30.0093 3880 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:35:30.0187 3880 usbccgp - ok
17:35:30.0202 3880 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:35:30.0296 3880 usbehci - ok
17:35:30.0296 3880 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:35:30.0390 3880 usbhub - ok
17:35:30.0421 3880 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:35:30.0499 3880 USBSTOR - ok
17:35:30.0531 3880 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:35:30.0952 3880 usbuhci - ok
17:35:30.0952 3880 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:35:31.0077 3880 VgaSave - ok
17:35:31.0077 3880 ViaIde - ok
17:35:31.0093 3880 [ CF6E387851AB9166C3601FED101CA53D ] vmdebug C:\WINDOWS\system32\Drivers\vmdebug.sys
17:35:31.0109 3880 vmdebug - ok
17:35:31.0140 3880 [ 2BD36852A877C6B6B0F8320E88FCFD95 ] vmhgfs C:\WINDOWS\system32\DRIVERS\vmhgfs.sys
17:35:31.0140 3880 vmhgfs - ok
17:35:31.0171 3880 [ 1E9F3624B188A0EA23D508895C8D841D ] VMMEMCTL C:\Programme\VMware\VMware Tools\Drivers\memctl\vmmemctl.sys
17:35:31.0171 3880 VMMEMCTL - ok
17:35:31.0187 3880 [ 794D1672CAF56DBB6479D943F7CA1286 ] vmmouse C:\WINDOWS\system32\DRIVERS\vmmouse.sys
17:35:31.0202 3880 vmmouse - ok
17:35:31.0218 3880 [ 19754658F7958E31F00F0227F87DAF1D ] vmscsi C:\WINDOWS\system32\DRIVERS\vmscsi.sys
17:35:31.0218 3880 vmscsi - ok
17:35:31.0234 3880 [ 10251901F16560AC4009F078DAAB5A99 ] VMTools C:\Programme\VMware\VMware Tools\vmtoolsd.exe
17:35:31.0234 3880 VMTools - ok
17:35:31.0265 3880 [ F70284882D8219D6EC07CC6431E04E18 ] VMUpgradeHelper C:\Programme\VMware\VMware Tools\VMUpgradeHelper.exe
17:35:31.0281 3880 VMUpgradeHelper - ok
17:35:31.0296 3880 [ 658EFFF4A90321F92B6AC180C25100A9 ] VMware Physical Disk Helper Service C:\Programme\VMware\VMware Tools\vmacthlp.exe
17:35:31.0312 3880 VMware Physical Disk Helper Service - ok
17:35:31.0327 3880 [ A4D4A2273B7CD427D70B74EF70035F54 ] vmxnet C:\WINDOWS\system32\DRIVERS\vmxnet.sys
17:35:31.0327 3880 vmxnet - ok
17:35:31.0343 3880 [ 4319450CF04D2EAF4F80F1EF53628AFF ] vmx_svga C:\WINDOWS\system32\DRIVERS\vmx_svga.sys
17:35:31.0343 3880 vmx_svga - ok
17:35:31.0343 3880 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:35:31.0452 3880 VolSnap - ok
17:35:31.0484 3880 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
17:35:31.0562 3880 VSS - ok
17:35:31.0593 3880 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\System32\w32time.dll
17:35:31.0671 3880 W32Time - ok
17:35:31.0687 3880 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:35:31.0781 3880 Wanarp - ok
17:35:31.0781 3880 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:35:31.0874 3880 wdmaud - ok
17:35:31.0890 3880 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:35:31.0984 3880 WebClient - ok
17:35:32.0062 3880 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:35:32.0140 3880 winmgmt - ok
17:35:32.0202 3880 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
17:35:32.0296 3880 WinRM - ok
17:35:32.0343 3880 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:35:32.0421 3880 WmdmPmSN - ok
17:35:32.0468 3880 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
17:35:32.0531 3880 Wmi - ok
17:35:32.0562 3880 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
17:35:32.0718 3880 WmiApSrv - ok
17:35:32.0765 3880 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
17:35:32.0812 3880 WMPNetworkSvc - ok
17:35:32.0906 3880 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:35:32.0937 3880 WPFFontCache_v0400 - ok
17:35:32.0984 3880 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:35:33.0077 3880 WS2IFSL - ok
17:35:33.0077 3880 WSearch - ok
17:35:33.0124 3880 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:35:33.0218 3880 wuauserv - ok
17:35:33.0249 3880 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:35:33.0296 3880 WudfPf - ok
17:35:33.0312 3880 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:35:33.0327 3880 WudfRd - ok
17:35:33.0343 3880 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:35:33.0359 3880 WudfSvc - ok
17:35:33.0406 3880 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:35:33.0546 3880 WZCSVC - ok
17:35:33.0562 3880 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:35:33.0671 3880 xmlprov - ok
17:35:33.0671 3880 ================ Scan global ===============================
17:35:33.0702 3880 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
17:35:33.0718 3880 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
17:35:33.0718 3880 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
17:35:33.0749 3880 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
17:35:33.0749 3880 [Global] - ok
17:35:33.0749 3880 ================ Scan MBR ==================================
17:35:33.0765 3880 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
17:35:34.0077 3880 \Device\Harddisk0\DR0 - ok
17:35:34.0077 3880 ================ Scan VBR ==================================
17:35:34.0093 3880 [ F08CA7A62FCC66661FA1BC23ECBFB8D7 ] \Device\Harddisk0\DR0\Partition1
17:35:34.0093 3880 \Device\Harddisk0\DR0\Partition1 - ok
17:35:34.0093 3880 ============================================================
17:35:34.0093 3880 Scan finished
17:35:34.0093 3880 ============================================================
17:35:34.0202 2364 Detected object count: 1
17:35:34.0202 2364 Actual detected object count: 1
17:35:59.0171 2364 Ext2Fsd ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:59.0171 2364 Ext2Fsd ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
19.09.2012, 21:02
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GEMA Trojaner hat mein PC gesperrt Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu GEMA Trojaner hat mein PC gesperrt |
| gema trojaner, gesperrt, leute, logdateien, pc gesperrt, troja, trojaner |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
