Mehrere Trojaner, Malware usw. aufgesammelt

platinman · 27.09.2012, 17:08

Hallo zusammen,

Ich habe von einem Bekannten einen PC bekommen und soll mal schauen warum der denn nicht mehr geht.

Problem:
Beim Starten weißes Fenster (mit Internetanschluss wird eine Sanduhr gezeigt, ohne Internet "Fehler der Verbindung"). Dieses Fenster lässt sich weder schließen, noch komme ich in den Taskmanager usw.

Nun habe ich seit gestern abend etwas selbst ausprobiert, unter anderem mit Informationen aus dem Forum usw. hat mich aber nicht weitergebracht (Hätte mich lieber gleich registrieren sollen

)

Deshalb lasse ich an die ganze Sache nun die Profis ran:
Als ich den PC damals eingerichtet hatte, habe ich ein Admin-Konto erstellt und ein weiteres (Auch Adminrechte). Dies hat mich jetzt in sofern gerettet, als dass ich immerhin im Abgesicherten Modus aufgrund des Admin-Kontos auf den PC zugreifen kann.

Es handelt sich um einen Windows XP-Rechner.

Hier nun die geforderten Log-Files:

OTL.txt
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 27.09.2012 16:57:20 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 80,91% Memory free
3,85 Gb Paging File | 3,68 Gb Available in Paging File | 95,59% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 0,84 Gb Free Space | 1,72% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 164,25 Gb Free Space | 84,10% Space Free | Partition Type: NTFS
Drive G: | 221,62 Gb Total Space | 114,45 Gb Free Space | 51,65% Space Free | Partition Type: NTFS
 
Computer Name: BIE | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.27 15:56:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.09.13 19:04:32 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.08.29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- G:\Spiele neu\Hamachi\hamachi-2.exe
PRC - [2008.04.14 10:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINXP\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.13 19:04:32 | 002,244,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.01.03 15:10:46 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2009.07.31 00:13:32 | 000,035,840 | ---- | M] () -- C:\Programme\DAEMON Tools Pro\cryptapi.dll
MOD - [2007.04.05 02:59:56 | 000,007,680 | ---- | M] () -- C:\Programme\DAEMON Tools Pro\Plugins\Images\bw5mount.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice_tmp.exe -- (MozillaMaintenance)
SRV - [2012.09.19 05:33:36 | 003,082,640 | ---- | M] (Emsisoft GmbH) [Auto | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012.08.29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- G:\Spiele neu\Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.08.15 18:13:07 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.09.20 22:15:28 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.0.229\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.06 19:48:47 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.17 19:34:00 | 000,098,488 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.05.13 14:18:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Stopped] -- C:\WINXP\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.11.04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.08.29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.02.18 12:16:30 | 000,110,592 | ---- | M] (Apple, Inc.) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\XDva399.sys -- (XDva399)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\XDva398.sys -- (XDva398)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINXP\System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\MSI\DualCoreCenter\RushTop.sys -- (RushTopDevice2)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\MSI\DualCoreCenter\NTGLM7X.sys -- (DualCoreCenter)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.09.27 14:19:50 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.04.30 18:45:28 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2009.12.07 20:21:51 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINXP\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.07.06 17:10:22 | 005,788,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.05.11 07:42:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINXP\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.05 21:07:52 | 000,026,216 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.30 08:03:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINXP\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 10:05:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.08.05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.13 08:51:50 | 000,017,920 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\Ntaccess.sys -- (WEBNTACCESS)
DRV - [2008.01.03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.12.14 06:51:32 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\FlashSys.sys -- (FLASHSYS)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.01.04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\Monfilt.sys -- (Monfilt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINXP\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINXP\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.9.9: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.13 19:04:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.09.13 19:04:26 | 000,000,000 | ---D | M]
 
[2012.09.26 21:58:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions
[2012.09.26 22:56:35 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\buysoypq.default\extensions
[2012.09.26 23:00:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.17 16:18:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.13 19:04:32 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.25 16:32:54 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.11 17:55:16 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.25 16:32:54 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.25 16:32:54 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.25 16:32:54 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.25 16:32:54 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2008.04.14 10:00:00 | 000,000,820 | ---- | M]) - C:\WINXP\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (4sharedExt) - {95525BD9-6136-4A26-8263-9CEE295D442D} - C:\Programme\4Shared Toolbar\4sharedExt32.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [EEventManager] C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Programme\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [LiveMonitor] C:\Programme\MSI\Live Update 3\LMonitor.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] G:\Spiele neu\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NBKeyScan] "C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINXP\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINXP\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\RunOnce: [DeleteOnReboot] C:\WINXP\DeleteOnReboot.bat ()
O4 - HKCU..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKCU..\RunOnce: [NeroHomeFirstStart] "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMFirstStart.exe" File not found
O4 - HKCU..\RunOnce: [Report] C:\AdwCleaner[S1].txt ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\3.0.229\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\phase-6 Reminder.lnk =  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk = G:\Spiele neu\WZQKPICK32.EXE (WinZip Computing, S.L.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFC7E311-B432-4382-8DA5-840C46A673AB}: DhcpNameServer = 83.169.184.225 83.169.184.161 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINXP\system32\userinit.exe) - C:\WINXP\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop BackupWallPaper: 
O31 - SafeBoot: AlternateShell - C:\Dokumente und Einstellungen\*****\Anwendungsdaten\1.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.30 23:21:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.27 16:25:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Emsisoft Anti-Malware
[2012.09.27 16:25:19 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2012.09.27 16:25:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Anti-Malware
[2012.09.27 16:11:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.27 14:19:50 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbamswissarmy.sys
[2012.09.26 23:05:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
[2012.09.26 23:05:37 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[2012.09.26 23:05:37 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.09.26 23:05:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.09.26 23:05:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.09.26 22:11:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia
[2012.09.26 22:11:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe
[2012.09.26 21:59:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
[2012.09.26 21:58:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.09.26 21:58:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla
[2012.09.26 21:56:46 | 000,000,000 | -HSD | C] -- C:\WINXP\CSC
[2012.09.26 21:30:07 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien
[2012.09.26 21:12:34 | 000,000,000 | ---D | C] -- C:\WINXP\pss
[2012.09.18 18:19:14 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.09.18 18:19:14 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
[2012.09.18 18:19:14 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo
[2012.09.18 18:19:14 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
[2012.09.18 18:19:14 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör
[2012.09.18 18:19:14 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü
[2012.09.18 18:19:14 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
[2012.09.18 18:19:14 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies
[2012.09.18 18:19:14 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen
[2012.09.18 18:19:14 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent
[2012.09.18 18:19:14 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung
[2012.09.18 18:19:14 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen
[2012.09.18 18:19:14 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung
[2012.09.18 18:19:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft Help
[2012.09.18 18:19:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten
[2012.09.18 18:19:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop
[2012.09.17 16:17:59 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2012.09.17 16:17:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012.09.17 16:17:58 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2012.09.17 16:17:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
[2012.09.13 19:04:23 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.09.11 17:51:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WinZip
[2012.09.09 13:19:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\phase-6
[2012.09.09 13:19:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Phase6
[2012.09.01 21:05:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LogMeIn Hamachi
[14 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.27 16:56:32 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable
[2012.09.27 16:25:41 | 000,000,738 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2012.09.27 16:19:46 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat
[2012.09.27 16:18:09 | 000,000,128 | ---- | M] () -- C:\WINXP\DeleteOnReboot.bat
[2012.09.27 16:13:29 | 000,054,156 | -H-- | M] () -- C:\WINXP\QTFont.qfn
[2012.09.27 16:13:16 | 000,243,457 | ---- | M] () -- C:\WINXP\System32\NvApps.xml
[2012.09.27 14:19:50 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbamswissarmy.sys
[2012.09.26 23:05:37 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.26 21:04:57 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl
[2012.09.18 17:52:01 | 000,001,232 | ---- | M] () -- C:\WINXP\tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1682526488-1801674531-1003UA.job
[2012.09.18 17:52:00 | 000,001,210 | ---- | M] () -- C:\WINXP\tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1682526488-1801674531-1003Core.job
[2012.09.18 14:12:15 | 000,000,880 | ---- | M] () -- C:\WINXP\tasks\Adobe Flash Player Updater.job
[2012.09.17 16:17:59 | 000,001,868 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012.09.11 17:51:04 | 000,001,535 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WinZip.lnk
[2012.09.11 17:51:04 | 000,001,465 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk
[2012.09.09 13:20:00 | 000,000,915 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\phase-6 Reminder.lnk
[2012.09.09 13:20:00 | 000,000,787 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\phase-6 premium.lnk
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[14 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.27 16:56:26 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable
[2012.09.27 16:25:41 | 000,000,738 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2012.09.27 16:18:08 | 000,000,128 | ---- | C] () -- C:\WINXP\DeleteOnReboot.bat
[2012.09.26 23:05:37 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.18 18:19:14 | 000,001,587 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk
[2012.09.18 18:19:14 | 000,000,764 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Windows Media Player.lnk
[2012.09.17 16:17:59 | 000,001,868 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012.09.11 17:51:04 | 000,001,535 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WinZip.lnk
[2012.09.11 17:51:01 | 000,001,465 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk
[2012.09.09 13:20:00 | 000,000,915 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\phase-6 Reminder.lnk
[2012.09.09 13:20:00 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\phase-6 premium.lnk
[2012.06.19 19:24:53 | 000,004,767 | ---- | C] () -- C:\WINXP\Irremote.ini
[2012.04.14 12:15:19 | 000,000,025 | ---- | C] () -- C:\WINXP\popcinfot.dat
[2012.02.17 14:00:10 | 000,003,072 | ---- | C] () -- C:\WINXP\System32\iacenc.dll
[2011.06.08 20:18:34 | 000,000,664 | ---- | C] () -- C:\WINXP\System32\d3d9caps.dat
[2010.10.14 02:36:44 | 000,179,263 | ---- | C] () -- C:\WINXP\System32\xlive.dll.cat
[2010.10.09 21:01:34 | 000,000,000 | ---- | C] () -- C:\WINXP\EEventManager.INI
[2009.12.15 23:42:32 | 000,005,048 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mtbjfghn.xbe
[2009.07.31 00:09:05 | 000,000,085 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2009.07.30 23:53:38 | 010,440,704 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.mda
 
========== ZeroAccess Check ==========
 
[2009.07.31 00:36:14 | 000,000,227 | RHS- | M] () -- C:\WINXP\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 10:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINXP\system32\wbem\fastprox.dll -- [2009.02.09 12:54:49 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINXP\system32\wbem\wbemess.dll -- [2008.04.14 10:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.06.26 15:47:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\4Sync
[2012.06.23 14:43:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2009.07.31 00:13:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2010.10.09 19:19:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2011.01.09 15:29:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010.08.16 21:05:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2009.12.15 23:09:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2010.05.30 19:59:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2012.09.09 13:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Phase6
[2011.04.17 14:59:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2012.04.14 12:14:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2010.06.02 13:15:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Stardock
[2012.03.20 18:39:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio
[2012.06.23 14:44:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.10.09 19:18:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2012.09.11 17:50:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2012.06.23 14:43:58 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010.06.02 13:15:02 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{67C33A62-5B1D-43D1-9600-16006F36EB2B}
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 48 bytes -> C:\WINXP:95432AA3CA273D40

< End of report >

--- --- ---

Extras.txt
OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 27.09.2012 15:59:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 64,23% Memory free
3,85 Gb Paging File | 3,36 Gb Available in Paging File | 87,25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 0,16 Gb Free Space | 0,32% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 164,25 Gb Free Space | 84,10% Space Free | Partition Type: NTFS
Drive G: | 221,62 Gb Total Space | 114,45 Gb Free Space | 51,65% Space Free | Partition Type: NTFS
 
Computer Name: BIE | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.vbe [@ = VBEFile] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-790525478-1682526488-1801674531-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [edit] -- Reg Error: Key error.
vbefile [open] -- Reg Error: Key error.
vbefile [print] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58671:TCP" = 58671:TCP:*:Enabled:Pando Media Booster
"58671:UDP" = 58671:UDP:*:Enabled:Pando Media Booster
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"58671:TCP" = 58671:TCP:*:Enabled:Pando Media Booster
"58671:UDP" = 58671:UDP:*:Enabled:Pando Media Booster
"25566:TCP" = 25566:TCP:*:Enabled:Bukkit
"25567:TCP" = 25567:TCP:*:Enabled:Minecraft Server
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\*****\Eigene Dateien\icq\ICQ7.0\ICQ.exe" = C:\Dokumente und Einstellungen\*****\Eigene Dateien\icq\ICQ7.0\ICQ.exe:*:Enabled:ICQ7
"C:\Dokumente und Einstellungen\*****\Eigene Dateien\icq\ICQ7.0\aolload.exe" = C:\Dokumente und Einstellungen\*****\Eigene Dateien\icq\ICQ7.0\aolload.exe:*:Enabled:aolload.exe
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"E:\CDS\Nero\Installation\SetupX.exe" = E:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"G:\Spiele neu\HERR DER RINGE\game.dat" = G:\Spiele neu\HERR DER RINGE\game.dat:*:Enabled:Die Schlacht um Mittelerde™ II -- (Electronic Arts Inc.)
"G:\Spiele neu\HEXENKÖNIG\game.dat" = G:\Spiele neu\HEXENKÖNIG\game.dat:*:Enabled:Der Herr der Ringe™, Aufstieg des Hexenkönigs™ -- (Electronic Arts Inc.)
"C:\Programme\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe" = C:\Programme\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander - Forged Alliance
"G:\Spiele neu\forged alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe" = G:\Spiele neu\forged alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:*:Enabled:Supreme Commander - Forged Alliance -- (Gas Powered Games)
"G:\Spiele neu\forged alliance\GPGNet\GPG.Multiplayer.Client.exe" = G:\Spiele neu\forged alliance\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander - Forged Alliance
"C:\Dokumente und Einstellungen\*****\Eigene Dateien\icq\ICQ7.0\ICQ.exe" = C:\Dokumente und Einstellungen\*****\Eigene Dateien\icq\ICQ7.0\ICQ.exe:*:Enabled:ICQ7
"C:\Dokumente und Einstellungen\*****\Eigene Dateien\icq\ICQ7.0\aolload.exe" = C:\Dokumente und Einstellungen\*****\Eigene Dateien\icq\ICQ7.0\aolload.exe:*:Enabled:aolload.exe
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Dokumente und Einstellungen\*****\Eigene Dateien\npsasvr.exe" = C:\Dokumente und Einstellungen\*****\Eigene Dateien\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server
"C:\Dokumente und Einstellungen\*****\Eigene Dateien\npsvsvr.exe" = C:\Dokumente und Einstellungen\*****\Eigene Dateien\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server
"C:\Programme\Stardock Games\Demigod\bin\Demigod.exe" = C:\Programme\Stardock Games\Demigod\bin\Demigod.exe:*:Enabled:Demigod -- (Gas Powered Games)
"C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Temp\wz505a\DCC.exe" = C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Temp\wz505a\DCC.exe:*:Enabled:Dreambox Control Center
"C:\Programme\Epson Software\Event Manager\EEventManager.exe" = C:\Programme\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"G:\Spiele alt\Supreme Commander\bin\SupremeCommander.exe" = G:\Spiele alt\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander -- (Gas Powered Games)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"G:\Spiele neu\call of D\Steam.exe" = G:\Spiele neu\call of D\Steam.exe:*:Disabled:Steam -- (Valve Corporation)
"C:\WINXP\system32\rundll32.exe" = C:\WINXP\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen -- (Microsoft Corporation)
"G:\Spiele neu\call of D\SteamApps\common\call of duty black ops\BlackOps.exe" = G:\Spiele neu\call of D\SteamApps\common\call of duty black ops\BlackOps.exe:*:Enabled:Call of Duty: Black Ops -- ()
"G:\Spiele neu\call of D\SteamApps\common\call of duty black ops\BlackOpsMP.exe" = G:\Spiele neu\call of D\SteamApps\common\call of duty black ops\BlackOpsMP.exe:*:Enabled:Call of Duty: Black Ops - Multiplayer -- ()
"C:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe" = C:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:*:Enabled:Petroglyph -- (Lucasfilm Entertainment Company, Ltd.)
"C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin
"G:\Spiele neu\call of D\SteamApps\chatter43956\team fortress 2\hl2.exe" = G:\Spiele neu\call of D\SteamApps\chatter43956\team fortress 2\hl2.exe:*:Disabled:hl2
"G:\Spiele neu\NapkinRace\NapkinRace.exe" = G:\Spiele neu\NapkinRace\NapkinRace.exe:*:Enabled:NapkinRace -- ()
"C:\WINXP\system32\msiexec.exe" = C:\WINXP\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager -- (SweetIM Technologies Ltd.)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Programme\TeamViewer\Version7\TeamViewer.exe" = C:\Programme\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"G:\Spiele neu\call of D\SteamApps\common\ava\REACTOR.exe" = G:\Spiele neu\call of D\SteamApps\common\ava\REACTOR.exe:*:Enabled:Alliance of Valiant Arms -- (NHN Corporation)
"C:\Programme\Java\jre7\bin\java.exe" = C:\Programme\Java\jre7\bin\java.exe:*:Disabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Programme\Java\jre7\bin\javaw.exe" = C:\Programme\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"G:\Spiele neu\call of D\SteamApps\common\MicroVolts\Launcher.exe" = G:\Spiele neu\call of D\SteamApps\common\MicroVolts\Launcher.exe:*:Enabled:MicroVolts -- (NQGames)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0166E190-92D7-482A-A220-DE8B7354383A}" = Demigod
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{20AB57C7-FED7-4394-8166-A409DEA20253}" = TubeBox!
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{299F6B9B-0C63-4F97-95AA-8FB1AE96F6E9}" = The Fate Of Hellas
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{31D95937-B237-405D-920C-A3EF4E482395}" = Supreme Commander - Forged Alliance
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38C9BDE0-59DB-4DE0-B4C9-AB2A6258108C}" = Löwenzahn 1
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{4527481F-E36D-408E-9F40-89E2630E2120}" = TubeBox!
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}" = iTunes
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{62733593-6322-4C89-8B50-F714305A4DC6}" = TubeBox!
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6B48554C-9089-4177-A38D-B8FE122F11FC}" = TubeBox!
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7CFC17CE-0A66-46B0-BA57-BF8AB674BF5C}" = Loewenzahn 6
"{7E641E46-81DB-4D1D-906A-48342523051C}" = FlatOut2
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{81D62C32-0984-11D3-86CD-00105AD33021}" = Caere Scan Manager 5.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Search-Results Toolbar
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009.SP3c
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CB49B376-1136-44B4-83FA-036334B59937}" = OLYMPUS Master 2
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}" = WinZip 16.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{f1eea723-1a61-4ce8-a934-5b91597f0813}" = Nero 9
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArcSoft PhotoBase" = ArcSoft PhotoBase
"ArcSoft PhotoStudio 2000" = ArcSoft PhotoStudio 2000
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CloneDVD2" = CloneDVD2
"Demigod" = Demigod
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON SX218 Series" = EPSON SX218 Series Printer Uninstall
"EPSON SX218 Series Manual" = EPSON SX218 Series Handbuch
"FileZilla Client" = FileZilla Client 3.2.7.1
"Free Audio Converter_is1" = Free Audio Converter version 2.0
"Free Studio_is1" = Free Studio version 4.3
"ICQToolbar" = ICQ Toolbar
"iLivid" = iLivid
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapkinRace_is1" = NapkinRace v1.0
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OmniPagePro9.0DeinstKey" = OmniPage Pro 9.0
"phase-6" = phase-6 2.1.2.3a
"PriceGong" = PriceGong 2.6.4
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Softonic" = Softonic toolbar  on IE
"Steam App 102700" = Alliance of Valiant Arms
"Steam App 109400" = MicroVolts
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 440" = Team Fortress 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.9
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 19.09.2012 01:20:44 | Computer Name = BIE | Source = Userenv | ID = 1090
Description = Der Sitzungsstatus des Richtlinienergebnissatzes konnte nicht protokolliert
 werden. Ein Verbindungsversuch mit WMI ist fehlgeschlagen. Für diese Anwendung 
der Richtlinie wird keine Richtlinienergebnissatz-Protokollierung durchgeführt.
 
Error - 20.09.2012 08:29:42 | Computer Name = BIE | Source = Userenv | ID = 1090
Description = Der Sitzungsstatus des Richtlinienergebnissatzes konnte nicht protokolliert
 werden. Ein Verbindungsversuch mit WMI ist fehlgeschlagen. Für diese Anwendung 
der Richtlinie wird keine Richtlinienergebnissatz-Protokollierung durchgeführt.
 
Error - 20.09.2012 08:31:41 | Computer Name = BIE | Source = Userenv | ID = 1090
Description = Der Sitzungsstatus des Richtlinienergebnissatzes konnte nicht protokolliert
 werden. Ein Verbindungsversuch mit WMI ist fehlgeschlagen. Für diese Anwendung 
der Richtlinie wird keine Richtlinienergebnissatz-Protokollierung durchgeführt.
 
Error - 20.09.2012 08:42:48 | Computer Name = BIE | Source = Userenv | ID = 1090
Description = Der Sitzungsstatus des Richtlinienergebnissatzes konnte nicht protokolliert
 werden. Ein Verbindungsversuch mit WMI ist fehlgeschlagen. Für diese Anwendung 
der Richtlinie wird keine Richtlinienergebnissatz-Protokollierung durchgeführt.
 
Error - 20.09.2012 08:43:13 | Computer Name = BIE | Source = ESENT | ID = 490
Description = svchost (1284) Versuch, Datei "C:\WINXP\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 26.09.2012 15:05:07 | Computer Name = BIE | Source = Userenv | ID = 1090
Description = Der Sitzungsstatus des Richtlinienergebnissatzes konnte nicht protokolliert
 werden. Ein Verbindungsversuch mit WMI ist fehlgeschlagen. Für diese Anwendung 
der Richtlinie wird keine Richtlinienergebnissatz-Protokollierung durchgeführt.
 
Error - 26.09.2012 15:56:56 | Computer Name = BIE | Source = Userenv | ID = 1090
Description = Der Sitzungsstatus des Richtlinienergebnissatzes konnte nicht protokolliert
 werden. Ein Verbindungsversuch mit WMI ist fehlgeschlagen. Für diese Anwendung 
der Richtlinie wird keine Richtlinienergebnissatz-Protokollierung durchgeführt.
 
Error - 26.09.2012 16:47:02 | Computer Name = BIE | Source = Userenv | ID = 1090
Description = Der Sitzungsstatus des Richtlinienergebnissatzes konnte nicht protokolliert
 werden. Ein Verbindungsversuch mit WMI ist fehlgeschlagen. Für diese Anwendung 
der Richtlinie wird keine Richtlinienergebnissatz-Protokollierung durchgeführt.
 
Error - 26.09.2012 16:48:02 | Computer Name = BIE | Source = ESENT | ID = 490
Description = svchost (1516) Versuch, Datei "C:\WINXP\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 26.09.2012 16:49:28 | Computer Name = BIE | Source = Userenv | ID = 1090
Description = Der Sitzungsstatus des Richtlinienergebnissatzes konnte nicht protokolliert
 werden. Ein Verbindungsversuch mit WMI ist fehlgeschlagen. Für diese Anwendung 
der Richtlinie wird keine Richtlinienergebnissatz-Protokollierung durchgeführt.
 
[ OSession Events ]
Error - 11.09.2012 15:00:09 | Computer Name = BIE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 72
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 14.09.2012 08:04:52 | Computer Name = BIE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2428
 seconds with 1080 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 26.09.2012 16:53:40 | Computer Name = BIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "wuauserv"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 26.09.2012 17:00:14 | Computer Name = BIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "MSIServer"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {000C101C-0000-0000-C000-000000000046}
 
Error - 26.09.2012 17:07:54 | Computer Name = BIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 27.09.2012 08:19:18 | Computer Name = BIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 27.09.2012 08:20:09 | Computer Name = BIE | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   avgio  avipbb  ElbyCDIO  Fips  intelppm  sptd  ssmdrv
 
Error - 27.09.2012 08:21:59 | Computer Name = BIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 27.09.2012 09:58:16 | Computer Name = BIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 27.09.2012 09:58:20 | Computer Name = BIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 27.09.2012 09:58:24 | Computer Name = BIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 27.09.2012 09:58:26 | Computer Name = BIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
 
< End of report >

--- --- ---

Gmer.txt
GMER Logfile:

Code:

ATTFilter

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-27 17:49:43
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-1d WDC_WD5000AADS-00L4B1 rev.05.04C05
Running: y6ke6gun.exe; Driver: C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\pxtdqpow.sys


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Programme\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0xA6 0x52 0x83 0xCD ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0xAB 0x20 0xEF 0x09 ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                         0x8E 0xD9 0x86 0xDA ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                    0xE6 0x95 0xDE 0xFE ...
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Programme\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0xA6 0x52 0x83 0xCD ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0xAB 0x20 0xEF 0x09 ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                         0x8E 0xD9 0x86 0xDA ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                    0xE6 0x95 0xDE 0xFE ...
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Programme\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0xA6 0x52 0x83 0xCD ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0xAB 0x20 0xEF 0x09 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                         0x8E 0xD9 0x86 0xDA ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                    0xE6 0x95 0xDE 0xFE ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Programme\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0xA6 0x52 0x83 0xCD ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0xAB 0x20 0xEF 0x09 ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                         0x8E 0xD9 0x86 0xDA ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                    0xE6 0x95 0xDE 0xFE ...
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Programme\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0xA6 0x52 0x83 0xCD ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0xAB 0x20 0xEF 0x09 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1                      
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2                      
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12                0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3                      
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12                0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002                           
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                        0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                     0x8E 0xD9 0x86 0xDA ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0                      
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                0xE6 0x95 0xDE 0xFE ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1                      
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1@hdf12                0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Programme\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0xA6 0x52 0x83 0xCD ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0xAB 0x20 0xEF 0x09 ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12                    0x94 0x3A 0x91 0x0C ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                         0x8E 0xD9 0x86 0xDA ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                    0xE6 0x95 0xDE 0xFE ...
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq1@hdf12                    0x94 0x3A 0x91 0x0C ...

---- EOF - GMER 1.0.15 ----

--- --- ---

markusg · 27.09.2012, 17:14

hi
warum 2 admin konten, besser wäre es gewesen du hättest ihm nen eingeschrenktes konto zum surfen eingerichtet :-(
1. öffne malwarebytes, berichte, poste alle logs.
2.
öffne emsisoft, quarantäne und poste mal was da drinn ist
3. öffne avira, quarantäne, poste fundmeldungen.
haben emsisoft und avira jeweils aktieve hintergrund wächter aktiev, ist emsisoft also bezahlt? dann muss eins von beiden später runter

platinman · 28.09.2012, 20:42

Vielen Dank für deine Antwort!

Ich wollte zu dieser Zeit ihm es nicht zu umständlich machen, wenn er doch mal etwas installieren möchte oder ähnliches

Antivir ist derzeit ausgeschaltet, habe keinen aktiven Scanner am laufen.

Hier nun die Logs:
(Ich habe noch nichts gelöscht/in Quarantäne verschoben)

Malwarebyte's Antimalware

Zitat:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.26.13

Windows XP Service Pack 3 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 7.0.5730.13
Administrator :: BIE [Administrator]

28.09.2012 18:23:35
mbam-log-2012-09-28 (19-01-44).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 305480
Laufzeit: 21 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoViewContextMenu (PUM.RightClick.Disabled) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions|NoBrowserContextMenu (PUM.RightClick.Disabled) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Dokumente und Einstellungen\*****\Startmenü\Programme\Autostart\ja.lnk (Trojan.Winlock.Gen) -> Keine Aktion durchgeführt.

(Ende)

Und Emisoft Anti-Malware 7.0

Zitat:

Emsisoft Anti-Malware - Version 7.0
Letztes Update: 28.09.2012 19:05:34

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, G:\

Riskware-Erkennung: Aus
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn: 28.09.2012 19:06:52

C:\Dokumente und Einstellungen\*****\Anwendungsdaten\1.exe gefunden: Trace.File.Dorkbot (A)
C:\Dokumente und Einstellungen\*****\Startmenü\Programme\Autostart\ja.lnk gefunden: Trace.File.LockScreen (A)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4e6b494f.qua -> (Quarantine-8) -> WebService/Application.class gefunden: Exploit.Java.CVE-2012-0507.N (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ddee2fb.qua -> (Quarantine-8) -> ClassPol.class gefunden: Java.Trojan.Exploit.Bytverify.Q (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4e6b494f.qua -> (Quarantine-8) -> WebService/Language.class gefunden: Exploit.Java.CVE-2012-0507.N (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ddee2fb.qua -> (Quarantine-8) -> padle.class gefunden: Java.Trojan.Exploit.Bytverify.Q (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4fe699a7.qua -> (Quarantine-8) gefunden: Gen:Variant.Application.InstallCore.5 (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ddee2fb.qua -> (Quarantine-8) -> *****.class gefunden: Java.Trojan.Exploit.Bytverify.Q (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ddee2fb.qua -> (Quarantine-8) -> CusBen.class gefunden: Java.Trojan.Exploit.Bytverify.Q (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ff3c529.qua -> (Quarantine-8) gefunden: Gen:Variant.Kazy.64405 (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ddee2fb.qua -> (Quarantine-8) -> Trollllllle.class gefunden: Java.Trojan.Exploit.Bytverify.Q (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\50029633.qua -> (Quarantine-8) gefunden: Gen:Variant.Application.InstallCore.5 (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ddee2fb.qua -> (Quarantine-8) -> Clrepor.class gefunden: Java.Trojan.Exploit.Bytverify.Q (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\507ee06d.qua -> (Quarantine-8) -> mcnmpaqqlsrb/bvtvdmkadgfhvdanfqmd.class gefunden: Exploit.Java.CVE.G (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ddee2fb.qua -> (Quarantine-8) -> Cload.class gefunden: Java.Trojan.Exploit.Bytverify.Q (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\507ee06d.qua -> (Quarantine-8) -> mcnmpaqqlsrb/fyrblayrcvcervwlquwglhyqv.class gefunden: Exploit.Java.CVE.G (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ddee2fb.qua -> (Quarantine-8) -> novell.class gefunden: Java.Trojan.Exploit.Bytverify.Q (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\507ee06d.qua -> (Quarantine-8) -> mcnmpaqqlsrb/ltkrmpdvkbmasy.class gefunden: Exploit.Java.CVE.G (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\4ddee2fb.qua -> (Quarantine-8) -> huiak.class gefunden: Java.Trojan.Exploit.Bytverify.Q (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\507ee06d.qua -> (Quarantine-8) -> mcnmpaqqlsrb/musfdv.class gefunden: Exploit.Java.CVE.G (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\507ee06d.qua -> (Quarantine-8) -> mcnmpaqqlsrb/rggvthergdpsdhugvfr.class gefunden: Exploit.Java.CVE.G (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\507ee06d.qua -> (Quarantine-8) -> mcnmpaqqlsrb/rtjvguaewmreqbcm.class gefunden: Exploit.Java.CVE.G (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\507ee06d.qua -> (Quarantine-8) -> mcnmpaqqlsrb/vuevarq.class gefunden: Exploit.Java.CVE.G (B)
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\INFECTED\507ee06d.qua -> (Quarantine-8) -> mcnmpaqqlsrb/vwslvkhhbjkwhtnnys.class gefunden: Exploit.Java.CVE.G (B)
C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\z1080j4i.default\Cache\D\A6\9CCABd01 -> (INFECTED_JS) gefunden: PDF:Exploit.PDF-JS.GO (B)
C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Temp\TWbp8XI.exe gefunden: Trojan.Win32.Winlock-C (A)

Gescannt 393745
Gefunden 26

Scan Ende: 28.09.2012 21:36:16
Scan Zeit: 2:29:24

markusg · 28.09.2012, 20:45

aloa

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

platinman · 28.09.2012, 20:57

Combofix Logdatei
Combofix Logfile:

Code:

ATTFilter

ComboFix 12-09-27.03 - Administrator 28.09.2012  21:51:01.1.2 - x86 NETWORK
ausgeführt von:: c:\dokumente und einstellungen\Administrator\Eigene Dateien\Downloads\ComboFix.exe
 * Neuer Wiederherstellungspunkt wurde erstellt
.
 ADS - WINXP: deleted 48 bytes in 1 streams. 
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml1.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml158.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml159.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml15A.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml2.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml3.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml4.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml5.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml6.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml7.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml77.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml78.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml79.tmp
c:\dokumente und einstellungen\All Users\Anwendungsdaten\xml7A.tmp
c:\programme\Program Files
c:\programme\Program Files\Epson Software\Common\Easy Photo Print Plugin\PMB\EPPEP_PMB.exe
c:\programme\Program Files\Epson Software\Common\Easy Photo Print Plugin\PMB\EPPEP_PMB.xml
c:\programme\Program Files\Epson Software\Common\Easy Photo Print Plugin\PMB\EPPEP_PMB_core.xml
c:\programme\Program Files\Epson Software\Common\Easy Photo Print Plugin\PMB\EPPEP_PMB_RelationXML.xml
c:\programme\Program Files\Epson Software\Common\Easy Photo Print Plugin\PMB\Readme.txt
c:\winxp\IsUn0407.exe
c:\winxp\system32\_000007_.tmp.dll
c:\winxp\unin0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-28 bis 2012-09-28  ))))))))))))))))))))))))))))))
.
.
2012-09-27 14:25 . 2012-09-28 19:45	--------	d-----w-	c:\programme\Emsisoft Anti-Malware
2012-09-27 14:18 . 2012-09-27 14:18	128	----a-w-	c:\winxp\DeleteOnReboot.bat
2012-09-27 14:11 . 2012-09-27 14:11	--------	d-----w-	C:\_OTL
2012-09-26 21:05 . 2012-09-26 21:05	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2012-09-26 21:05 . 2012-09-26 21:05	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-09-26 21:05 . 2012-09-07 15:04	22856	----a-w-	c:\winxp\system32\drivers\mbam.sys
2012-09-18 16:19 . 2012-09-27 14:56	--------	d-----w-	c:\dokumente und einstellungen\Administrator
2012-09-17 14:17 . 2012-09-17 14:17	--------	d-----w-	c:\programme\Gemeinsame Dateien\Skype
2012-09-17 14:17 . 2012-09-17 14:18	--------	d-----r-	c:\programme\Skype
2012-09-17 14:17 . 2012-09-17 14:24	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype
2012-09-09 11:19 . 2012-09-09 11:22	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Phase6
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 16:13 . 2012-04-25 18:06	426184	----a-w-	c:\winxp\system32\FlashPlayerApp.exe
2012-08-15 16:13 . 2012-02-02 17:09	70344	----a-w-	c:\winxp\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2008-04-14 08:00	78336	----a-w-	c:\winxp\system32\browser.dll
2012-07-05 20:07 . 2009-09-20 09:09	143872	----a-w-	c:\winxp\system32\javacpl.cpl
2012-07-05 20:06 . 2012-07-20 12:09	772544	----a-w-	c:\winxp\system32\npDeployJava1.dll
2012-07-05 20:06 . 2010-05-14 07:25	687544	----a-w-	c:\winxp\system32\deployJava1.dll
2012-07-04 14:05 . 2009-07-30 21:17	139784	----a-w-	c:\winxp\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2009-03-11 11:01	1875200	----a-w-	c:\winxp\system32\win32k.sys
2012-07-03 15:00 . 2008-12-20 20:31	832512	----a-w-	c:\winxp\system32\wininet.dll
2012-07-03 15:00 . 2008-12-20 20:30	1830912	----a-w-	c:\winxp\system32\inetcpl.cpl
2012-07-03 15:00 . 2008-12-10 12:31	78336	----a-w-	c:\winxp\system32\ieencode.dll
2012-07-03 15:00 . 2008-12-10 12:31	17408	----a-w-	c:\winxp\system32\corpol.dll
2012-09-13 17:04 . 2012-09-13 17:04	266720	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\winxp\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\winxp\system32\drivers\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\winxp\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\winxp\system32\drivers\asyncmac.sys
.
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\winxp\system32\dllcache\beep.sys
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\winxp\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\winxp\system32\drivers\kbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\winxp\system32\drivers\ndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\winxp\system32\drivers\ntfs.sys
.
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\winxp\system32\dllcache\null.sys
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\winxp\system32\drivers\null.sys
.
[-] 2009-01-13 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\winxp\system32\dllcache\tcpip.sys
[-] 2009-01-13 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\winxp\system32\drivers\tcpip.sys
.
[-] 2012-07-06 . B2CC8D85D27BF10C5FAF5B98C335978E . 78336 . . [5.1.2600.6260] . . c:\winxp\system32\browser.dll
[-] 2012-07-06 . B2CC8D85D27BF10C5FAF5B98C335978E . 78336 . . [5.1.2600.6260] . . c:\winxp\system32\dllcache\browser.dll
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\winxp\$NtUninstallKB2705219$\browser.dll
.
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\winxp\system32\lsass.exe
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\lsass.exe
.
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\winxp\system32\netman.dll
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\netman.dll
.
[-] 2008-04-14 08:00 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\winxp\system32\comres.dll
[-] 2008-04-14 08:00 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\winxp\system32\dllcache\comres.dll
.
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\winxp\system32\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\winxp\system32\dllcache\qmgr.dll
.
[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\winxp\system32\rpcss.dll
[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\winxp\system32\dllcache\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\winxp\$NtUninstallKB956572$\rpcss.dll
.
[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\winxp\system32\services.exe
[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\winxp\system32\dllcache\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\winxp\$NtUninstallKB956572$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\winxp\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\winxp\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\winxp\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\winxp\$NtUninstallKB2347290$\spoolsv.exe
.
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\winxp\system32\winlogon.exe
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\winxp\system32\drivers\ipsec.sys
.
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\winxp\system32\comctl32.dll
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\winxp\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 2B6ADE29F8D00EEFA5FA2250CBE094AD . 1054208 . . [6.0] . . c:\winxp\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\winxp\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\winxp\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\winxp\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
.
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\winxp\system32\cryptsvc.dll
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\cryptsvc.dll
.
[-] 2008-12-10 13:31 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\winxp\system32\es.dll
[-] 2008-12-10 13:31 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\winxp\system32\dllcache\es.dll
.
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\winxp\system32\imm32.dll
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\imm32.dll
.
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\winxp\system32\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\winxp\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\winxp\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\winxp\$NtUninstallKB959426$\kernel32.dll
.
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\winxp\system32\linkinfo.dll
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\winxp\system32\lpk.dll
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\lpk.dll
.
[-] 2012-07-03 . 0D8BC7FFBA2E93F278D795D451675152 . 3618816 . . [7.00.6000.17112] . . c:\winxp\system32\mshtml.dll
[-] 2012-07-03 . 0D8BC7FFBA2E93F278D795D451675152 . 3618816 . . [7.00.6000.17112] . . c:\winxp\system32\dllcache\mshtml.dll
[-] 2012-07-03 . 18C6B7642C5C4D78DF00C05375CE7429 . 3620864 . . [7.00.6000.21314] . . c:\winxp\$hf_mig$\KB2722913-IE7\SP3QFE\mshtml.dll
[-] 2012-04-23 . 65674C3F0F90BDD6636A39EDCCF5D5B6 . 3618816 . . [7.00.6000.17110] . . c:\winxp\ie7updates\KB2722913-IE7\mshtml.dll
[-] 2012-04-23 . A56B9CF11527708705BBED3A835FE2CF . 3620864 . . [7.00.6000.21312] . . c:\winxp\$hf_mig$\KB2699988-IE7\SP3QFE\mshtml.dll
[-] 2012-03-01 . D0FB9423F94B7C932A3E353863972FD5 . 3616768 . . [7.00.6000.17109] . . c:\winxp\ie7updates\KB2699988-IE7\mshtml.dll
[-] 2012-03-01 . 3E1D28D159CED148726D2E7B6543DC5D . 3619328 . . [7.00.6000.21311] . . c:\winxp\$hf_mig$\KB2675157-IE7\SP3QFE\mshtml.dll
[-] 2011-12-19 . 5F6D9147BB32636511E1D691A4BA64D9 . 3616768 . . [7.00.6000.17108] . . c:\winxp\ie7updates\KB2675157-IE7\mshtml.dll
[-] 2011-12-19 . FF2F416EC804939371B2DF401C67A5FB . 3618816 . . [7.00.6000.21310] . . c:\winxp\$hf_mig$\KB2647516-IE7\SP3QFE\mshtml.dll
[-] 2011-11-04 . A9748CCF8B735D3834F57F0B48A89078 . 3616256 . . [7.00.6000.17107] . . c:\winxp\ie7updates\KB2647516-IE7\mshtml.dll
[-] 2011-11-04 . 429AEF742D0A4CD9C2F2C67A6AC2FB01 . 3618304 . . [7.00.6000.21309] . . c:\winxp\$hf_mig$\KB2618444-IE7\SP3QFE\mshtml.dll
[-] 2011-09-05 . 949BEBED3B69B4577D3B1FDA24D7FB3E . 3615744 . . [7.00.6000.17104] . . c:\winxp\ie7updates\KB2618444-IE7\mshtml.dll
[-] 2011-08-18 . 55C1F4E285A9A3776C060D82EBFCDEB0 . 3617792 . . [7.00.6000.21306] . . c:\winxp\$hf_mig$\KB2586448-IE7\SP3QFE\mshtml.dll
[-] 2011-07-22 . 4D5EA9CACBD06FA00B0EE0173F59156F . 3613696 . . [7.00.6000.17102] . . c:\winxp\ie7updates\KB2586448-IE7\mshtml.dll
[-] 2011-07-22 . 11CD2E4815B15EEDE64CFDCDD494E8C0 . 3615744 . . [7.00.6000.21305] . . c:\winxp\$hf_mig$\KB2559049-IE7\SP3QFE\mshtml.dll
[-] 2011-04-25 . E2F68B1B643A32B6D0C07386ECF8FC26 . 3608576 . . [7.00.6000.17098] . . c:\winxp\ie7updates\KB2559049-IE7\mshtml.dll
[-] 2011-04-25 . F8F9909B85B18C8BD480E3A433C3ADA7 . 3610624 . . [7.00.6000.21300] . . c:\winxp\$hf_mig$\KB2530548-IE7\SP3QFE\mshtml.dll
[-] 2011-02-17 . 7D09283AA1B4AAA7DEB8BB2504CBFB41 . 3609600 . . [7.00.6000.21299] . . c:\winxp\$hf_mig$\KB2497640-IE7\SP3QFE\mshtml.dll
[-] 2011-02-17 . F151C3361111788527C625BF68541FF5 . 3607040 . . [7.00.6000.17097] . . c:\winxp\ie7updates\KB2530548-IE7\mshtml.dll
[-] 2010-12-20 . 6BF883B318B70E8013ED5D2976DF5246 . 3609088 . . [7.00.6000.21297] . . c:\winxp\$hf_mig$\KB2482017-IE7\SP3QFE\mshtml.dll
[-] 2010-12-20 . 104C6D442D68D15633E7866BA8FD6AD8 . 3606528 . . [7.00.6000.17095] . . c:\winxp\ie7updates\KB2497640-IE7\mshtml.dll
[-] 2010-11-06 . DE049C4E531448E846E7C012763D530A . 3604480 . . [7.00.6000.17093] . . c:\winxp\ie7updates\KB2482017-IE7\mshtml.dll
[-] 2010-11-06 . 76BFB01D6DE3AB3C2CA13470DEAB4B93 . 3607040 . . [7.00.6000.21295] . . c:\winxp\$hf_mig$\KB2416400-IE7\SP3QFE\mshtml.dll
[-] 2010-09-09 . BCEE4AF10B40BF085203AA164D8D8193 . 3601920 . . [7.00.6000.17092] . . c:\winxp\ie7updates\KB2416400-IE7\mshtml.dll
[-] 2010-09-09 . A5261D5EFC95731992DC0640FCC49B6C . 3605504 . . [7.00.6000.21294] . . c:\winxp\$hf_mig$\KB2360131-IE7\SP3QFE\mshtml.dll
[-] 2010-06-24 . 118F0D56684A6114713E5B6D6C842133 . 3603968 . . [7.00.6000.21283] . . c:\winxp\$hf_mig$\KB2183461-IE7\SP3QFE\mshtml.dll
[-] 2010-06-24 . E1ED02EE84A8E8B31A344FCB2D626791 . 3600896 . . [7.00.6000.17080] . . c:\winxp\ie7updates\KB2360131-IE7\mshtml.dll
[-] 2010-05-04 . 56B556FFAC4A62C51D0DAF10F6B2B554 . 3600384 . . [7.00.6000.17063] . . c:\winxp\ie7updates\KB2183461-IE7\mshtml.dll
[-] 2010-05-04 . C302A90ED9202465BA99EB4A6534FF54 . 3603456 . . [7.00.6000.21264] . . c:\winxp\$hf_mig$\KB982381-IE7\SP3QFE\mshtml.dll
[-] 2010-03-11 . 49980F3384CFAF1E349A8CABE1C52D1B . 3599872 . . [7.00.6000.17023] . . c:\winxp\ie7updates\KB982381-IE7\mshtml.dll
[-] 2010-03-11 . 933BE33EA6098E87FAF092741166A4E7 . 3602944 . . [7.00.6000.21228] . . c:\winxp\$hf_mig$\KB980182-IE7\SP3QFE\mshtml.dll
[-] 2010-01-05 . EFA849C79A3EBBC028E5ABE1BFC0FA15 . 3599360 . . [7.00.6000.16981] . . c:\winxp\ie7updates\KB980182-IE7\mshtml.dll
[-] 2010-01-05 . FB09490E1D218772550A8A5823826677 . 3602944 . . [7.00.6000.21183] . . c:\winxp\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
[-] 2009-10-29 . ECE8C5082CD8370BDAC3F6B7004A7A1A . 3598336 . . [7.00.6000.16945] . . c:\winxp\ie7updates\KB978207-IE7\mshtml.dll
[-] 2009-10-29 . 41080B245B3931133878A2B20ED48C1B . 3602432 . . [7.00.6000.21148] . . c:\winxp\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll
[-] 2009-10-21 . AFBD8339073CD05B2BBEB2089E2C9233 . 3598336 . . [7.00.6000.16939] . . c:\winxp\ie7updates\KB976325-IE7\mshtml.dll
[-] 2009-10-21 . 45F5209869362161862057955A323208 . 3602432 . . [7.00.6000.21142] . . c:\winxp\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll
[-] 2009-08-29 . 66746BD88F71770815E12E6C6CAEF3EA . 3598336 . . [7.00.6000.16915] . . c:\winxp\ie7updates\KB976749-IE7\mshtml.dll
[-] 2009-08-29 . 3701C2F766865BEF9F5987E8AB95A6DA . 3600384 . . [7.00.6000.21115] . . c:\winxp\$hf_mig$\KB974455-IE7\SP3QFE\mshtml.dll
[-] 2009-07-19 . 7DB04886F1455D9057F54A51E5A7BB32 . 3597824 . . [7.00.6000.16890] . . c:\winxp\ie7updates\KB974455-IE7\mshtml.dll
[-] 2009-07-19 . B553564076B41EBEA822B968D7C71C47 . 3600384 . . [7.00.6000.21089] . . c:\winxp\$hf_mig$\KB972260-IE7\SP3QFE\mshtml.dll
[-] 2009-01-16 . A76EEDA793C9BFC0C1B8C5F3439D8A39 . 3594752 . . [7.00.6000.16809] . . c:\winxp\ie7updates\KB972260-IE7\mshtml.dll
[-] 2009-01-16 . B44AC6A49DA4A5BAA7AFEA0AA6E5B967 . 3596288 . . [7.00.6000.20996] . . c:\winxp\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[-] 2008-12-13 . E0825D1BC0F0C2B5CA434F7E9CCF10AE . 3594752 . . [7.00.6000.20973] . . c:\winxp\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[-] 2008-10-16 . C998B6D5E64E11CE8EA8BB22A51CA570 . 3595264 . . [7.00.6000.20935] . . c:\winxp\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
.
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\winxp\system32\msvcrt.dll
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\winxp\system32\dllcache\msvcrt.dll
[-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\winxp\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\winxp\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
.
[-] 2009-01-13 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\winxp\system32\mswsock.dll
[-] 2009-01-13 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\winxp\system32\dllcache\mswsock.dll
.
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\winxp\system32\netlogon.dll
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\winxp\system32\powrprof.dll
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\winxp\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\winxp\system32\scecli.dll
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\winxp\system32\sfc.dll
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\winxp\system32\svchost.exe
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\winxp\system32\tapisrv.dll
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\winxp\system32\user32.dll
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\user32.dll
.
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\winxp\system32\userinit.exe
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\userinit.exe
.
[-] 2012-07-03 . 1C201ECB9209A04CDAA3CB95C1233EF6 . 832512 . . [7.00.6000.17112] . . c:\winxp\system32\wininet.dll
[-] 2012-07-03 . 1C201ECB9209A04CDAA3CB95C1233EF6 . 832512 . . [7.00.6000.17112] . . c:\winxp\system32\dllcache\wininet.dll
[-] 2012-07-03 . B790F7FA8470DB617B29D1A01C39E40E . 841216 . . [7.00.6000.21314] . . c:\winxp\$hf_mig$\KB2722913-IE7\SP3QFE\wininet.dll
[-] 2012-05-15 . B2FB8A88EBFDA2AF550CFFC1F25517AB . 832512 . . [7.00.6000.17111] . . c:\winxp\ie7updates\KB2722913-IE7\wininet.dll
[-] 2012-05-15 . E7EEB502B8C3057D96E1447BC851F565 . 841216 . . [7.00.6000.21313] . . c:\winxp\$hf_mig$\KB2699988-IE7\SP3QFE\wininet.dll
[-] 2012-03-01 . E6F509D60102B0ED953055AD293AB1F8 . 832512 . . [7.00.6000.17109] . . c:\winxp\ie7updates\KB2699988-IE7\wininet.dll
[-] 2012-03-01 . 4DA5AC13C9E635428FB690FA01107397 . 841216 . . [7.00.6000.21311] . . c:\winxp\$hf_mig$\KB2675157-IE7\SP3QFE\wininet.dll
[-] 2011-12-19 . 9D117DA0C01D2AA20A5F75DF188E83C7 . 832512 . . [7.00.6000.17108] . . c:\winxp\ie7updates\KB2675157-IE7\wininet.dll
[-] 2011-12-19 . D7C8B47B787A20C5B9FE88965392AF2F . 841216 . . [7.00.6000.21310] . . c:\winxp\$hf_mig$\KB2647516-IE7\SP3QFE\wininet.dll
[-] 2011-10-31 . 01BDE5984B35C367A3FDCC0EE8ED30E7 . 832512 . . [7.00.6000.17106] . . c:\winxp\ie7updates\KB2647516-IE7\wininet.dll
[-] 2011-10-31 . BB152F931473A871C8CB0F7040147D03 . 841216 . . [7.00.6000.21308] . . c:\winxp\$hf_mig$\KB2618444-IE7\SP3QFE\wininet.dll
[-] 2011-08-17 . AE55A628C1688AA66AE39D2B93BDE312 . 832512 . . [7.00.6000.17103] . . c:\winxp\ie7updates\KB2618444-IE7\wininet.dll
[-] 2011-08-17 . BADFC58ACD58FB83C7FB968FE2571154 . 841216 . . [7.00.6000.21306] . . c:\winxp\$hf_mig$\KB2586448-IE7\SP3QFE\wininet.dll
[-] 2011-06-21 . 0697B0F3FD198C5AF0876449789EB1D3 . 832512 . . [7.00.6000.17099] . . c:\winxp\ie7updates\KB2586448-IE7\wininet.dll
[-] 2011-06-21 . CA3F86FD98DBEF99E8CBB5C5EC533E4E . 841216 . . [7.00.6000.21302] . . c:\winxp\$hf_mig$\KB2559049-IE7\SP3QFE\wininet.dll
[-] 2011-04-25 . 36F92E2E8B0E6EBB02CC9EEEA2983C1E . 832512 . . [7.00.6000.17098] . . c:\winxp\ie7updates\KB2559049-IE7\wininet.dll
[-] 2011-04-25 . C843BCAFB1C22AF2399FD5AA92257D4D . 841216 . . [7.00.6000.21300] . . c:\winxp\$hf_mig$\KB2530548-IE7\SP3QFE\wininet.dll
[-] 2011-02-17 . 60A31B042CB6600EEB4357AFF19D345C . 841216 . . [7.00.6000.21298] . . c:\winxp\$hf_mig$\KB2497640-IE7\SP3QFE\wininet.dll
[-] 2011-02-17 . B699449B3CB14E5D553688814D19FF56 . 832512 . . [7.00.6000.17096] . . c:\winxp\ie7updates\KB2530548-IE7\wininet.dll
[-] 2010-12-20 . BD4C6C6694C20480599E75813C230EFC . 841216 . . [7.00.6000.21297] . . c:\winxp\$hf_mig$\KB2482017-IE7\SP3QFE\wininet.dll
[-] 2010-12-20 . A2D15AB60F75AA102ED5234CA80688AD . 832512 . . [7.00.6000.17095] . . c:\winxp\ie7updates\KB2497640-IE7\wininet.dll
[-] 2010-11-06 . A1A23A6C6DCA6B567106552475A65B79 . 832512 . . [7.00.6000.17093] . . c:\winxp\ie7updates\KB2482017-IE7\wininet.dll
[-] 2010-11-06 . 512A074E47388E9252B1ADE326317CE9 . 841216 . . [7.00.6000.21295] . . c:\winxp\$hf_mig$\KB2416400-IE7\SP3QFE\wininet.dll
[-] 2010-09-09 . 6BCB6C8396D75FA1676B65790EA17E4B . 832512 . . [7.00.6000.17091] . . c:\winxp\ie7updates\KB2416400-IE7\wininet.dll
[-] 2010-09-09 . 859559B2F2B9B437DD279AC7EA68BE40 . 841216 . . [7.00.6000.21293] . . c:\winxp\$hf_mig$\KB2360131-IE7\SP3QFE\wininet.dll
[-] 2010-06-24 . A85BA5BA928351CC7117123D53123384 . 841216 . . [7.00.6000.21283] . . c:\winxp\$hf_mig$\KB2183461-IE7\SP3QFE\wininet.dll
[-] 2010-06-24 . F35DCEC860FDB1F17DE7D543D182B169 . 832512 . . [7.00.6000.17080] . . c:\winxp\ie7updates\KB2360131-IE7\wininet.dll
[-] 2010-05-04 . 0AFFC00B24F30716688CF08ECFE377E9 . 832512 . . [7.00.6000.17055] . . c:\winxp\ie7updates\KB2183461-IE7\wininet.dll
[-] 2010-05-04 . 6A2F855F0D2A09216656153636080D1E . 841216 . . [7.00.6000.21256] . . c:\winxp\$hf_mig$\KB982381-IE7\SP3QFE\wininet.dll
[-] 2010-03-11 . 667D6FFC648739EB24931E9B2BC685D1 . 832512 . . [7.00.6000.17023] . . c:\winxp\ie7updates\KB982381-IE7\wininet.dll
[-] 2010-03-11 . A20419E3612073BB2B5707EDA26173E6 . 841216 . . [7.00.6000.21228] . . c:\winxp\$hf_mig$\KB980182-IE7\SP3QFE\wininet.dll
[-] 2010-01-05 . B0F874F81444643FCDA267033D630113 . 832512 . . [7.00.6000.16981] . . c:\winxp\ie7updates\KB980182-IE7\wininet.dll
[-] 2010-01-05 . C14A55B0286B5C2A910AEA3CE1DB7D76 . 841216 . . [7.00.6000.21183] . . c:\winxp\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
[-] 2009-10-29 . A20B2C09CCE24D136F0519323A3F7072 . 832512 . . [7.00.6000.16945] . . c:\winxp\ie7updates\KB978207-IE7\wininet.dll
[-] 2009-10-29 . 9B5D0E4E82FFC178D82206D93D89C71C . 841216 . . [7.00.6000.21148] . . c:\winxp\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
[-] 2009-08-29 . CB74316772D625807EF16F6701F2A25E . 832512 . . [7.00.6000.16915] . . c:\winxp\ie7updates\KB976325-IE7\wininet.dll
[-] 2009-08-29 . BA0DE4DD7959D0638EAD5B400294C416 . 840704 . . [7.00.6000.21115] . . c:\winxp\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . 93552887262FEE6DD5D98E452FCD495A . 828928 . . [7.00.6000.21073] . . c:\winxp\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . 90590032B6E9EF719F5E78FCD2AD2CBC . 827392 . . [7.00.6000.16876] . . c:\winxp\ie7updates\KB974455-IE7\wininet.dll
[-] 2008-12-20 . 2B5AE9ACD86E1B8B86D62E153DE130AB . 827904 . . [7.00.6000.20978] . . c:\winxp\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . C3D4047626F8CC8EC7DD7558FA5CC2E2 . 826368 . . [7.00.6000.16791] . . c:\winxp\ie7updates\KB972260-IE7\wininet.dll
[-] 2008-10-16 . 5A1F997EC096EF26F3A3880347F5F9D8 . 827904 . . [7.00.6000.20935] . . c:\winxp\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
.
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\winxp\system32\ws2_32.dll
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\winxp\system32\ws2help.dll
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\winxp\explorer.exe
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\winxp\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\winxp\regedit.exe
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\regedit.exe
.
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\winxp\system32\ole32.dll
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\winxp\system32\dllcache\ole32.dll
[-] 2011-11-01 . D684C601EC79D9543D50EB2DB124FE78 . 1289216 . . [5.1.2600.6168] . . c:\winxp\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[-] 2010-07-16 . B28AF7976F2D8109C0DC2CF2460BEDC2 . 1288192 . . [5.1.2600.6010] . . c:\winxp\$NtUninstallKB2624667$\ole32.dll
[-] 2010-07-16 . B3D7633CF83B09042A49810A7A72ADED . 1289216 . . [5.1.2600.6010] . . c:\winxp\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\winxp\$NtUninstallKB979687$\ole32.dll
.
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\winxp\system32\usp10.dll
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\winxp\system32\dllcache\usp10.dll
[-] 2010-04-16 . EB2AD9C7DADE6C63F5F933881BA2A430 . 406016 . . [1.0420.2600.5969] . . c:\winxp\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512] . . c:\winxp\$NtUninstallKB981322$\usp10.dll
.
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\winxp\system32\ksuser.dll
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\winxp\system32\dllcache\ksuser.dll
[-] 2002-12-11 23:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\winxp\Driver Cache\i386\ksuser.dll
[-] 2002-12-11 23:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\winxp\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll
.
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\winxp\system32\ctfmon.exe
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\ctfmon.exe
.
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\winxp\system32\shsvcs.dll
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\winxp\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 927666F4228E3FBBC3D1171581DC8BDC . 135680 . . [6.00.2900.5853] . . c:\winxp\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\winxp\$NtUninstallKB971029$\shsvcs.dll
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\winxp\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\winxp\system32\wscntfy.exe
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\winxp\system32\xmlprov.dll
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\xmlprov.dll
.
[-] 2010-12-09 . 0314B25236E38383DACD4527C40156E8 . 743936 . . [5.1.2600.6055] . . c:\winxp\system32\ntdll.dll
[-] 2010-12-09 . 0314B25236E38383DACD4527C40156E8 . 743936 . . [5.1.2600.6055] . . c:\winxp\system32\dllcache\ntdll.dll
[-] 2009-02-09 . 06DA2C9091606174BFC6F46037AAFFF8 . 740864 . . [5.1.2600.5755] . . c:\winxp\$NtUninstallKB2393802$\ntdll.dll
[-] 2008-04-14 . 95092EFBE367A108ECDD5D6E439754C3 . 731648 . . [5.1.2600.5512] . . c:\winxp\$NtUninstallKB956572$\ntdll.dll
.
[-] 2008-04-14 . 275CAC40038A2643833B5F48FB474857 . 177152 . . [5.1.2600.5512] . . c:\winxp\system32\MSCTFIME.IME
[-] 2008-04-14 . 275CAC40038A2643833B5F48FB474857 . 177152 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\msctfime.ime
.
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\winxp\system32\eventlog.dll
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\eventlog.dll
.
[-] 2008-12-10 . 451D0981F4CCA5697307AF90D799BDC3 . 1571840 . . [5.1.2600.5512] . . c:\winxp\system32\sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\winxp\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\winxp\system32\regsvc.dll
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\winxp\system32\schedsvc.dll
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\winxp\system32\ssdpsrv.dll
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\winxp\system32\termsrv.dll
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\winxp\system32\hnetcfg.dll
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\winxp\system32\appmgmts.dll
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\appmgmts.dll
.
[-] 2008-04-14 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\winxp\system32\drivers\acpiec.sys
.
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\winxp\system32\dllcache\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\winxp\system32\drivers\aec.sys
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\winxp\system32\drivers\ip6fw.sys
.
[-] 2010-09-18 07:18 . 4891FCDAE77486BFB56999AA217651FA . 953856 . . [4.1.6151] . . c:\winxp\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\winxp\system32\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\winxp\system32\dllcache\mfc40u.dll
[-] 2008-04-14 08:00 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\winxp\$NtUninstallKB2387149$\mfc40u.dll
.
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\winxp\system32\msgsvc.dll
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\msgsvc.dll
.
[-] 2008-12-10 12:34 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\winxp\system32\mspmsnsv.dll
[-] 2008-12-10 12:34 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\winxp\system32\dllcache\mspmsnsv.dll
.
[-] 2012-05-05 . 339D9DA45F631C9D9D7132D9F6957943 . 2071424 . . [5.1.2600.6223] . . c:\winxp\Driver Cache\i386\ntkrnlpa.exe
[-] 2012-05-05 . 339D9DA45F631C9D9D7132D9F6957943 . 2071424 . . [5.1.2600.6223] . . c:\winxp\system32\dllcache\ntkrnlpa.exe
[-] 2012-05-05 . 799F89B5B0EC9F50FACB86EF0980D7D4 . 2029056 . . [5.1.2600.6223] . . c:\winxp\system32\ntkrnlpa.exe
[-] 2012-04-11 . 46B3BCE46E8B653923336902B3E37CD9 . 2029056 . . [5.1.2600.6206] . . c:\winxp\$NtUninstallKB2707511$\ntkrnlpa.exe
[-] 2011-10-26 . C590EFC3F1321806DE6E35010AF3C3A3 . 2029568 . . [5.1.2600.6165] . . c:\winxp\$NtUninstallKB2676562$\ntkrnlpa.exe
[-] 2010-12-09 . 9122439BCD2C33005D2B8517951072BA . 2029568 . . [5.1.2600.6055] . . c:\winxp\$NtUninstallKB2633171$\ntkrnlpa.exe
[-] 2010-04-28 . 00D76FB3F37B6F518AD4B35870EEDA11 . 2027008 . . [5.1.2600.5973] . . c:\winxp\$NtUninstallKB2393802$\ntkrnlpa.exe
[-] 2010-02-16 . B67C606F81D5CBABB726E9BA72155A12 . 2027008 . . [5.1.2600.5938] . . c:\winxp\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2009-12-09 . 18960B823BC2D7BBA2572474F33A4A32 . 2026496 . . [5.1.2600.5913] . . c:\winxp\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-08-04 . 62B72D48C8258D549368A6E1C588C04F . 2026496 . . [5.1.2600.5857] . . c:\winxp\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-02-09 . 1706F0E8187D00374AB511255DF57A8A . 2026496 . . [5.1.2600.5755] . . c:\winxp\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2008-12-10 . 898647EBE4276EB8032FCE2F2684D336 . 2026496 . . [5.1.2600.5657] . . c:\winxp\$NtUninstallKB956572$\ntkrnlpa.exe
.
[-] 2008-04-14 08:00 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\winxp\system32\ntmssvc.dll
[-] 2008-04-14 08:00 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\winxp\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\winxp\system32\upnphost.dll
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\winxp\system32\dsound.dll
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\winxp\system32\dllcache\dsound.dll
[-] 2004-07-09 03:27 . 033A45AB696EEF481707C2808C806E1A . 381952 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\winxp\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
.
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\winxp\system32\d3d9.dll
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\winxp\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\winxp\system32\ddraw.dll
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\winxp\system32\dllcache\ddraw.dll
[-] 2004-07-09 03:27 . 90114704C17A581DA1BAE029F20932BE . 292864 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\winxp\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
.
[-] 2008-04-14 08:00 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\winxp\system32\olepro32.dll
[-] 2008-04-14 08:00 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\winxp\system32\perfctrs.dll
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\winxp\system32\version.dll
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\version.dll
.
[-] 2012-05-05 . C11516E90F6D8C45329A070429392A04 . 2194944 . . [5.1.2600.6223] . . c:\winxp\Driver Cache\i386\ntoskrnl.exe
[-] 2012-05-05 . C11516E90F6D8C45329A070429392A04 . 2194944 . . [5.1.2600.6223] . . c:\winxp\system32\dllcache\ntoskrnl.exe
[-] 2012-05-05 . 3639591A520E01C9B5BD5CFE8425E3F7 . 2150912 . . [5.1.2600.6223] . . c:\winxp\system32\ntoskrnl.exe
[-] 2012-04-11 . 0BD774633FC348DBBA523C491147C8FF . 2150912 . . [5.1.2600.6206] . . c:\winxp\$NtUninstallKB2707511$\ntoskrnl.exe
[-] 2011-10-26 . 97E1B7646C8C97911182C41A3938C91E . 2151424 . . [5.1.2600.6165] . . c:\winxp\$NtUninstallKB2676562$\ntoskrnl.exe
[-] 2010-12-09 . 4A6397DFC9478287F7E90E74A2D01D83 . 2151424 . . [5.1.2600.6055] . . c:\winxp\$NtUninstallKB2633171$\ntoskrnl.exe
[-] 2010-04-28 . D8373D889A3CB2CEFF6C379B5CE06F20 . 2148864 . . [5.1.2600.5973] . . c:\winxp\$NtUninstallKB2393802$\ntoskrnl.exe
[-] 2010-02-16 . 6069B947757F1C94D658B82E1C04A4AA . 2148864 . . [5.1.2600.5938] . . c:\winxp\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2009-12-09 . 34A490C64787146BEB3E2F83D0D1BF68 . 2147840 . . [5.1.2600.5913] . . c:\winxp\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-08-04 . 93A4F3DB55BB347B434E9D3310F701AD . 2147840 . . [5.1.2600.5857] . . c:\winxp\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-02-09 . DDE9C672CA6CF1046C1D99031B8B7BDF . 2147840 . . [5.1.2600.5755] . . c:\winxp\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2008-12-10 . 0F4406A09190AEED362C9141281130E2 . 2147840 . . [5.1.2600.5657] . . c:\winxp\$NtUninstallKB956572$\ntoskrnl.exe
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\winxp\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\winxp\system32\w32time.dll
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\winxp\system32\wiaservc.dll
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\winxp\system32\midimap.dll
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\winxp\system32\rasadhlp.dll
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\rasadhlp.dll
.
[-] 2008-04-14 . 02AF8A799D173C2D0C71F399C03AC9E1 . 19456 . . [5.1.2600.5512] . . c:\winxp\system32\wshtcpip.dll
[-] 2008-04-14 . 02AF8A799D173C2D0C71F399C03AC9E1 . 19456 . . [5.1.2600.5512] . . c:\winxp\system32\dllcache\wshtcpip.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-07-02 18665472]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376]
"NvCplDaemon"="c:\winxp\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\winxp\system32\NvMcTray.dll" [2009-07-14 86016]
"LiveMonitor"="c:\programme\MSI\Live Update 3\LMonitor.exe" [2008-03-14 498176]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2008-03-28 413696]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"EEventManager"="c:\programme\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"GrooveMonitor"="c:\programme\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-17 252296]
"LogMeIn Hamachi Ui"="g:\spiele neu\Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"emsisoft anti-malware"="c:\programme\Emsisoft Anti-Malware\a2guard.exe" [2012-09-19 3363240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"DeleteOnReboot"="c:\winxp\DeleteOnReboot.bat" [2012-09-27 128]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
McAfee Security Scan Plus.lnk - c:\programme\McAfee Security Scan\3.0.229\SSScheduler.exe [2011-9-20 272528]
phase-6 Reminder.lnk - c:\dokumente und einstellungen\Administrator\Eigene Dateien\phase 6\phase-6\reminder\reminder.exe [N/A]
WinZip Quick Pick.lnk - g:\spiele neu\WZQKPICK32.EXE [2012-4-27 603536]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\SiSoftware\\SiSoftware Sandra Lite 2009.SP3c\\RpcAgentSrv.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programme\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programme\\VideoLAN\\VLC\\vlc.exe"=
"g:\\Spiele neu\\HERR DER RINGE\\game.dat"=
"g:\\Spiele neu\\HEXENKÖNIG\\game.dat"=
"g:\\Spiele neu\\forged alliance\\Supreme Commander - Forged Alliance\\bin\\ForgedAlliance.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Stardock Games\\Demigod\\bin\\Demigod.exe"=
"c:\\Programme\\Epson Software\\Event Manager\\EEventManager.exe"=
"g:\\Spiele alt\\Supreme Commander\\bin\\SupremeCommander.exe"=
"c:\\Programme\\ICQ7.2\\ICQ.exe"=
"c:\\Programme\\ICQ7.2\\aolload.exe"=
"c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"=
"g:\\Spiele neu\\call of D\\Steam.exe"=
"g:\\Spiele neu\\call of D\\SteamApps\\common\\call of duty black ops\\BlackOps.exe"=
"g:\\Spiele neu\\call of D\\SteamApps\\common\\call of duty black ops\\BlackOpsMP.exe"=
"c:\\Programme\\LucasArts\\Star Wars Empire at War\\GameData\\sweaw.exe"=
"g:\\Spiele neu\\NapkinRace\\NapkinRace.exe"=
"c:\\WINXP\\system32\\msiexec.exe"=
"c:\\Programme\\SiSoftware\\SiSoftware Sandra Lite 2009.SP3c\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\Programme\\Java\\jre6\\bin\\javaw.exe"=
"g:\\Spiele neu\\call of D\\SteamApps\\common\\ava\\REACTOR.exe"=
"c:\\Programme\\Java\\jre7\\bin\\java.exe"=
"c:\\Programme\\Java\\jre7\\bin\\javaw.exe"=
"g:\\Spiele neu\\call of D\\SteamApps\\common\\MicroVolts\\Launcher.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58671:TCP"= 58671:TCP:Pando Media Booster
"58671:UDP"= 58671:UDP:Pando Media Booster
"25566:TCP"= 25566:TCP:Bukkit
"25567:TCP"= 25567:TCP:Minecraft Server
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R2 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;c:\programme\Emsisoft Anti-Malware\a2service.exe [x]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [x]
R2 FsUsbExService;FsUsbExService;c:\winxp\system32\FsUsbExService.Exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;g:\spiele neu\Hamachi\hamachi-2.exe [x]
R2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [x]
R3 a2acc;a2acc;c:\programme\EMSISOFT ANTI-MALWARE\a2accx86.sys [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\winxp\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 Ambfilt;Ambfilt;c:\winxp\system32\drivers\Ambfilt.sys [x]
R3 DualCoreCenter;DualCoreCenter;c:\programme\MSI\DualCoreCenter\NTGLM7X.sys [x]
R3 FLASHSYS;FLASHSYS;c:\winxp\System32\Drivers\FLASHSYS.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\winxp\system32\FsUsbExDisk.SYS [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\programme\McAfee Security Scan\3.0.229\McCHSvc.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice_tmp.exe [x]
R3 RushTopDevice2;RushTopDevice2;c:\programme\MSI\DualCoreCenter\RushTop.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\winxp\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\winxp\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\winxp\system32\DRIVERS\ss_bmdm.sys [x]
R3 WEBNTACCESS;WEBNTACCESS;c:\winxp\system32\NTACCESS.SYS [x]
R3 XDva398;XDva398;c:\winxp\system32\XDva398.sys [x]
R3 XDva399;XDva399;c:\winxp\system32\XDva399.sys [x]
R4 sptd;sptd;c:\winxp\System32\Drivers\sptd.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-18 c:\winxp\Tasks\Adobe Flash Player Updater.job
- c:\winxp\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-25 16:13]
.
2011-11-03 c:\winxp\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = 
mStart Page = hxxp://www.google.com
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 83.169.184.225 83.169.184.161 192.168.1.1
FF - ProfilePath - c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\buysoypq.default\
.
.
------- Dateityp-Verknüpfung -------
.
.txt=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{95525BD9-6136-4A26-8263-9CEE295D442D} - c:\programme\4Shared Toolbar\4sharedExt32.dll
ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - c:\programme\4Sync\ShellExt.dll
ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - c:\programme\4Sync\ShellExt.dll
ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - c:\programme\4Sync\ShellExt.dll
ShellIconOverlayIdentifiers-{CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} - c:\programme\4Sync\ShellExt.dll
HKLM-Run-NBKeyScan - c:\programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-NPSStartup - (no file)
AddRemove-ArcSoft PhotoBase - c:\winxp\IsUn0407.exe
AddRemove-ArcSoft PhotoStudio 2000 - c:\winxp\IsUn0407.exe
AddRemove-Uninstall_is1 - c:\programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe
AddRemove-{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} - c:\dokumente und einstellungen\All Users\Anwendungsdaten\{B49A644A-1076-4A3D-B124-DAA7862F2318}\iLividSetupV1.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-09-28 21:53
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-28  21:55:44
ComboFix-quarantined-files.txt  2012-09-28 19:55
.
Vor Suchlauf: 761.851.904 Bytes frei
Nach Suchlauf: 1.005.338.624 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINXP
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINXP="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 50AEA0706920804D0DB1CDE9BF0AE1F3

--- --- ---

markusg · 29.09.2012, 18:55

download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

platinman · 30.09.2012, 19:48

TDSS Killer Log:

Zitat:

20:45:59.0984 0468 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:46:00.0250 0468 ============================================================
20:46:00.0250 0468 Current date / time: 2012/09/30 20:46:00.0250
20:46:00.0250 0468 SystemInfo:
20:46:00.0250 0468
20:46:00.0250 0468 OS Version: 5.1.2600 ServicePack: 3.0
20:46:00.0250 0468 Product type: Workstation
20:46:00.0250 0468 ComputerName: BIE
20:46:00.0250 0468 UserName: Administrator
20:46:00.0250 0468 Windows directory: C:\WINXP
20:46:00.0250 0468 System windows directory: C:\WINXP
20:46:00.0250 0468 Processor architecture: Intel x86
20:46:00.0250 0468 Number of processors: 2
20:46:00.0250 0468 Page size: 0x1000
20:46:00.0250 0468 Boot type: Safe boot with network
20:46:00.0250 0468 ============================================================
20:46:01.0218 0468 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:46:01.0218 0468 ============================================================
20:46:01.0218 0468 \Device\Harddisk0\DR0:
20:46:01.0218 0468 MBR partitions:
20:46:01.0218 0468 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
20:46:01.0218 0468 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0x1869E559
20:46:01.0234 0468 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E845F3D, BlocksNum 0x1BB3AE43
20:46:01.0234 0468 ============================================================
20:46:01.0265 0468 C: <-> \Device\Harddisk0\DR0\Partition1
20:46:01.0328 0468 G: <-> \Device\Harddisk0\DR0\Partition3
20:46:01.0359 0468 D: <-> \Device\Harddisk0\DR0\Partition2
20:46:01.0359 0468 ============================================================
20:46:01.0359 0468 Initialize success
20:46:01.0359 0468 ============================================================
20:46:30.0406 1820 ============================================================
20:46:30.0406 1820 Scan started
20:46:30.0406 1820 Mode: Manual; SigCheck; TDLFS;
20:46:30.0406 1820 ============================================================
20:46:31.0125 1820 ================ Scan system memory ========================
20:46:31.0125 1820 System memory - ok
20:46:31.0125 1820 ================ Scan services =============================
20:46:31.0250 1820 [ A8A4E18857CDFD8D9AB81E2C9EAF89B5 ] a2acc C:\PROGRAMME\EMSISOFT ANTI-MALWARE\a2accx86.sys
20:46:31.0343 1820 a2acc - ok
20:46:31.0406 1820 [ EF54559757DFB88CADACC095B83173DE ] a2AntiMalware C:\Programme\Emsisoft Anti-Malware\a2service.exe
20:46:31.0484 1820 a2AntiMalware - ok
20:46:31.0593 1820 Abiosdsk - ok
20:46:31.0593 1820 abp480n5 - ok
20:46:31.0640 1820 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINXP\system32\DRIVERS\ACPI.sys
20:46:31.0703 1820 ACPI ( UnsignedFile.Multi.Generic ) - warning
20:46:31.0703 1820 ACPI - detected UnsignedFile.Multi.Generic (1)
20:46:31.0734 1820 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINXP\system32\drivers\ACPIEC.sys
20:46:31.0750 1820 ACPIEC ( UnsignedFile.Multi.Generic ) - warning
20:46:31.0750 1820 ACPIEC - detected UnsignedFile.Multi.Generic (1)
20:46:31.0812 1820 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:46:31.0828 1820 AdobeFlashPlayerUpdateSvc - ok
20:46:31.0828 1820 adpu160m - ok
20:46:31.0875 1820 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINXP\system32\drivers\aec.sys
20:46:31.0890 1820 aec ( UnsignedFile.Multi.Generic ) - warning
20:46:31.0890 1820 aec - detected UnsignedFile.Multi.Generic (1)
20:46:31.0921 1820 [ F6B7B1ECD7B41736BDB6FF4B092BCB79 ] AFD C:\WINXP\System32\drivers\afd.sys
20:46:31.0921 1820 AFD ( UnsignedFile.Multi.Generic ) - warning
20:46:31.0921 1820 AFD - detected UnsignedFile.Multi.Generic (1)
20:46:31.0921 1820 Aha154x - ok
20:46:31.0937 1820 aic78u2 - ok
20:46:31.0953 1820 aic78xx - ok
20:46:32.0000 1820 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINXP\system32\alrsvc.dll
20:46:32.0000 1820 Alerter ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0000 1820 Alerter - detected UnsignedFile.Multi.Generic (1)
20:46:32.0031 1820 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINXP\System32\alg.exe
20:46:32.0031 1820 ALG ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0031 1820 ALG - detected UnsignedFile.Multi.Generic (1)
20:46:32.0031 1820 AliIde - ok
20:46:32.0078 1820 [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt C:\WINXP\system32\drivers\Ambfilt.sys
20:46:32.0109 1820 Ambfilt ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0109 1820 Ambfilt - detected UnsignedFile.Multi.Generic (1)
20:46:32.0125 1820 amsint - ok
20:46:32.0187 1820 [ 9015BC03F62940527EC92D45EE89E46F ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
20:46:32.0187 1820 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0187 1820 AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1)
20:46:32.0218 1820 [ B8720A787C1223492E6F319465E996CE ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:46:32.0218 1820 AntiVirService ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0218 1820 AntiVirService - detected UnsignedFile.Multi.Generic (1)
20:46:32.0296 1820 [ 1961CB10BB48EB4D97E37DB6373E9E63 ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
20:46:32.0296 1820 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0296 1820 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1)
20:46:32.0312 1820 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINXP\System32\appmgmts.dll
20:46:32.0312 1820 AppMgmt ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0312 1820 AppMgmt - detected UnsignedFile.Multi.Generic (1)
20:46:32.0328 1820 asc - ok
20:46:32.0343 1820 asc3350p - ok
20:46:32.0359 1820 asc3550 - ok
20:46:32.0453 1820 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:46:32.0453 1820 aspnet_state - ok
20:46:32.0484 1820 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINXP\system32\DRIVERS\asyncmac.sys
20:46:32.0484 1820 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0484 1820 AsyncMac - detected UnsignedFile.Multi.Generic (1)
20:46:32.0515 1820 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINXP\system32\DRIVERS\atapi.sys
20:46:32.0515 1820 atapi ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0515 1820 atapi - detected UnsignedFile.Multi.Generic (1)
20:46:32.0531 1820 Atdisk - ok
20:46:32.0546 1820 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINXP\system32\DRIVERS\atmarpc.sys
20:46:32.0546 1820 Atmarpc ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0546 1820 Atmarpc - detected UnsignedFile.Multi.Generic (1)
20:46:32.0578 1820 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINXP\System32\audiosrv.dll
20:46:32.0578 1820 AudioSrv ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0578 1820 AudioSrv - detected UnsignedFile.Multi.Generic (1)
20:46:32.0609 1820 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINXP\system32\DRIVERS\audstub.sys
20:46:32.0609 1820 audstub ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0609 1820 audstub - detected UnsignedFile.Multi.Generic (1)
20:46:32.0625 1820 [ 0B497C79824F8E1BF22FA6AACD3DE3A0 ] avgio C:\Programme\Avira\AntiVir Desktop\avgio.sys
20:46:32.0640 1820 avgio - ok
20:46:32.0656 1820 [ 14FE36D8F2C6A2435275338D061A0B66 ] avgntflt C:\WINXP\system32\DRIVERS\avgntflt.sys
20:46:32.0656 1820 avgntflt - ok
20:46:32.0671 1820 [ 6D52060B59E7D79CD2A044B6ADD1F1EF ] avipbb C:\WINXP\system32\DRIVERS\avipbb.sys
20:46:32.0687 1820 avipbb - ok
20:46:32.0718 1820 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINXP\system32\drivers\Beep.sys
20:46:32.0718 1820 Beep ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0718 1820 Beep - detected UnsignedFile.Multi.Generic (1)
20:46:32.0750 1820 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINXP\system32\qmgr.dll
20:46:32.0750 1820 BITS ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0750 1820 BITS - detected UnsignedFile.Multi.Generic (1)
20:46:32.0781 1820 [ B2CC8D85D27BF10C5FAF5B98C335978E ] Browser C:\WINXP\System32\browser.dll
20:46:32.0781 1820 Browser ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0781 1820 Browser - detected UnsignedFile.Multi.Generic (1)
20:46:32.0859 1820 catchme - ok
20:46:32.0875 1820 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINXP\system32\drivers\cbidf2k.sys
20:46:32.0875 1820 cbidf2k ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0875 1820 cbidf2k - detected UnsignedFile.Multi.Generic (1)
20:46:32.0875 1820 cd20xrnt - ok
20:46:32.0890 1820 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINXP\system32\drivers\Cdaudio.sys
20:46:32.0906 1820 Cdaudio ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0906 1820 Cdaudio - detected UnsignedFile.Multi.Generic (1)
20:46:32.0906 1820 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINXP\system32\drivers\Cdfs.sys
20:46:32.0921 1820 Cdfs ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0921 1820 Cdfs - detected UnsignedFile.Multi.Generic (1)
20:46:32.0937 1820 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINXP\system32\DRIVERS\cdrom.sys
20:46:32.0953 1820 Cdrom ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0953 1820 Cdrom - detected UnsignedFile.Multi.Generic (1)
20:46:32.0953 1820 Changer - ok
20:46:32.0984 1820 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINXP\system32\cisvc.exe
20:46:32.0984 1820 CiSvc ( UnsignedFile.Multi.Generic ) - warning
20:46:32.0984 1820 CiSvc - detected UnsignedFile.Multi.Generic (1)
20:46:33.0000 1820 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINXP\system32\clipsrv.exe
20:46:33.0000 1820 ClipSrv ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0000 1820 ClipSrv - detected UnsignedFile.Multi.Generic (1)
20:46:33.0046 1820 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:46:33.0046 1820 clr_optimization_v2.0.50727_32 - ok
20:46:33.0062 1820 CmdIde - ok
20:46:33.0078 1820 COMSysApp - ok
20:46:33.0109 1820 Cpqarray - ok
20:46:33.0125 1820 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINXP\System32\cryptsvc.dll
20:46:33.0125 1820 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0125 1820 CryptSvc - detected UnsignedFile.Multi.Generic (1)
20:46:33.0140 1820 dac2w2k - ok
20:46:33.0140 1820 dac960nt - ok
20:46:33.0187 1820 [ D3D765E8455A961AE567B408F767D4F9 ] DcomLaunch C:\WINXP\system32\rpcss.dll
20:46:33.0203 1820 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0203 1820 DcomLaunch - detected UnsignedFile.Multi.Generic (1)
20:46:33.0203 1820 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINXP\System32\dhcpcsvc.dll
20:46:33.0218 1820 Dhcp ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0218 1820 Dhcp - detected UnsignedFile.Multi.Generic (1)
20:46:33.0218 1820 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINXP\system32\DRIVERS\disk.sys
20:46:33.0234 1820 Disk ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0234 1820 Disk - detected UnsignedFile.Multi.Generic (1)
20:46:33.0234 1820 dmadmin - ok
20:46:33.0296 1820 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINXP\system32\drivers\dmboot.sys
20:46:33.0296 1820 dmboot ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0296 1820 dmboot - detected UnsignedFile.Multi.Generic (1)
20:46:33.0312 1820 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINXP\system32\drivers\dmio.sys
20:46:33.0312 1820 dmio ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0312 1820 dmio - detected UnsignedFile.Multi.Generic (1)
20:46:33.0328 1820 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINXP\system32\drivers\dmload.sys
20:46:33.0328 1820 dmload ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0328 1820 dmload - detected UnsignedFile.Multi.Generic (1)
20:46:33.0359 1820 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINXP\System32\dmserver.dll
20:46:33.0359 1820 dmserver ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0359 1820 dmserver - detected UnsignedFile.Multi.Generic (1)
20:46:33.0375 1820 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINXP\system32\drivers\DMusic.sys
20:46:33.0390 1820 DMusic ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0390 1820 DMusic - detected UnsignedFile.Multi.Generic (1)
20:46:33.0406 1820 [ 4548494812BA3B416D489E0C6AF8D643 ] Dnscache C:\WINXP\System32\dnsrslvr.dll
20:46:33.0421 1820 Dnscache ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0421 1820 Dnscache - detected UnsignedFile.Multi.Generic (1)
20:46:33.0437 1820 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINXP\System32\dot3svc.dll
20:46:33.0437 1820 Dot3svc ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0437 1820 Dot3svc - detected UnsignedFile.Multi.Generic (1)
20:46:33.0437 1820 dpti2o - ok
20:46:33.0453 1820 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINXP\system32\drivers\drmkaud.sys
20:46:33.0453 1820 drmkaud ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0453 1820 drmkaud - detected UnsignedFile.Multi.Generic (1)
20:46:33.0500 1820 DualCoreCenter - ok
20:46:33.0515 1820 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINXP\System32\eapsvc.dll
20:46:33.0531 1820 EapHost ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0531 1820 EapHost - detected UnsignedFile.Multi.Generic (1)
20:46:33.0546 1820 [ 178CC9403816C082D22A1D47FA1F9C85 ] ElbyCDIO C:\WINXP\system32\Drivers\ElbyCDIO.sys
20:46:33.0546 1820 ElbyCDIO - ok
20:46:33.0562 1820 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINXP\System32\ersvc.dll
20:46:33.0562 1820 ERSvc ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0562 1820 ERSvc - detected UnsignedFile.Multi.Generic (1)
20:46:33.0593 1820 [ F0A7D59AF279326528715B206669B86C ] Eventlog C:\WINXP\system32\services.exe
20:46:33.0593 1820 Eventlog ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0593 1820 Eventlog - detected UnsignedFile.Multi.Generic (1)
20:46:33.0625 1820 [ ADA7241C16F3F42C7F210539FAD5F3AA ] EventSystem C:\WINXP\system32\es.dll
20:46:33.0625 1820 EventSystem ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0625 1820 EventSystem - detected UnsignedFile.Multi.Generic (1)
20:46:33.0640 1820 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINXP\system32\drivers\Fastfat.sys
20:46:33.0640 1820 Fastfat ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0640 1820 Fastfat - detected UnsignedFile.Multi.Generic (1)
20:46:33.0671 1820 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINXP\System32\shsvcs.dll
20:46:33.0687 1820 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0687 1820 FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
20:46:33.0687 1820 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINXP\system32\drivers\Fdc.sys
20:46:33.0687 1820 Fdc ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0687 1820 Fdc - detected UnsignedFile.Multi.Generic (1)
20:46:33.0734 1820 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINXP\system32\drivers\Fips.sys
20:46:33.0734 1820 Fips ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0734 1820 Fips - detected UnsignedFile.Multi.Generic (1)
20:46:33.0750 1820 [ D3D9311624EDD435F42CDA7EAA0A6AED ] FLASHSYS C:\WINXP\System32\Drivers\FLASHSYS.sys
20:46:33.0750 1820 FLASHSYS ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0750 1820 FLASHSYS - detected UnsignedFile.Multi.Generic (1)
20:46:33.0765 1820 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINXP\system32\drivers\Flpydisk.sys
20:46:33.0781 1820 Flpydisk ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0781 1820 Flpydisk - detected UnsignedFile.Multi.Generic (1)
20:46:33.0812 1820 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINXP\system32\DRIVERS\fltMgr.sys
20:46:33.0812 1820 FltMgr ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0812 1820 FltMgr - detected UnsignedFile.Multi.Generic (1)
20:46:33.0859 1820 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINXP\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:46:33.0875 1820 FontCache3.0.0.0 - ok
20:46:33.0906 1820 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\WINXP\system32\FsUsbExDisk.SYS
20:46:33.0906 1820 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0906 1820 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
20:46:33.0937 1820 [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService C:\WINXP\system32\FsUsbExService.Exe
20:46:33.0953 1820 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0953 1820 FsUsbExService - detected UnsignedFile.Multi.Generic (1)
20:46:33.0984 1820 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINXP\system32\drivers\Fs_Rec.sys
20:46:33.0984 1820 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
20:46:33.0984 1820 Fs_Rec - detected UnsignedFile.Multi.Generic (1)
20:46:33.0984 1820 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINXP\system32\DRIVERS\ftdisk.sys
20:46:34.0000 1820 Ftdisk ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0000 1820 Ftdisk - detected UnsignedFile.Multi.Generic (1)
20:46:34.0015 1820 [ 5DC17164F66380CBFEFD895C18467773 ] GEARAspiWDM C:\WINXP\system32\Drivers\GEARAspiWDM.sys
20:46:34.0015 1820 GEARAspiWDM - ok
20:46:34.0031 1820 GMSIPCI - ok
20:46:34.0062 1820 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINXP\system32\DRIVERS\msgpc.sys
20:46:34.0062 1820 Gpc ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0062 1820 Gpc - detected UnsignedFile.Multi.Generic (1)
20:46:34.0093 1820 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINXP\system32\DRIVERS\hamachi.sys
20:46:34.0093 1820 hamachi - ok
20:46:34.0265 1820 [ DA1B48FDE74125128D0D846A3701D344 ] Hamachi2Svc G:\Spiele neu\Hamachi\hamachi-2.exe
20:46:34.0296 1820 Hamachi2Svc - ok
20:46:34.0343 1820 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINXP\system32\DRIVERS\HDAudBus.sys
20:46:34.0343 1820 HDAudBus ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0343 1820 HDAudBus - detected UnsignedFile.Multi.Generic (1)
20:46:34.0359 1820 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:46:34.0375 1820 helpsvc ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0375 1820 helpsvc - detected UnsignedFile.Multi.Generic (1)
20:46:34.0406 1820 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINXP\System32\hidserv.dll
20:46:34.0406 1820 HidServ ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0406 1820 HidServ - detected UnsignedFile.Multi.Generic (1)
20:46:34.0406 1820 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINXP\system32\DRIVERS\hidusb.sys
20:46:34.0421 1820 hidusb ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0421 1820 hidusb - detected UnsignedFile.Multi.Generic (1)
20:46:34.0453 1820 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINXP\System32\kmsvc.dll
20:46:34.0453 1820 hkmsvc ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0453 1820 hkmsvc - detected UnsignedFile.Multi.Generic (1)
20:46:34.0468 1820 hpn - ok
20:46:34.0515 1820 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINXP\system32\Drivers\HTTP.sys
20:46:34.0531 1820 HTTP ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0531 1820 HTTP - detected UnsignedFile.Multi.Generic (1)
20:46:34.0546 1820 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINXP\System32\w3ssl.dll
20:46:34.0546 1820 HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0546 1820 HTTPFilter - detected UnsignedFile.Multi.Generic (1)
20:46:34.0562 1820 i2omgmt - ok
20:46:34.0578 1820 i2omp - ok
20:46:34.0625 1820 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINXP\system32\DRIVERS\i8042prt.sys
20:46:34.0625 1820 i8042prt ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0625 1820 i8042prt - detected UnsignedFile.Multi.Generic (1)
20:46:34.0671 1820 [ B1A28FA1AFDE10B95FF9354B15701D70 ] ICQ Service C:\Programme\ICQ6Toolbar\ICQ Service.exe
20:46:34.0671 1820 ICQ Service - ok
20:46:34.0734 1820 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:46:34.0765 1820 idsvc - ok
20:46:34.0828 1820 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINXP\system32\DRIVERS\imapi.sys
20:46:34.0828 1820 Imapi ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0828 1820 Imapi - detected UnsignedFile.Multi.Generic (1)
20:46:34.0859 1820 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINXP\system32\imapi.exe
20:46:34.0859 1820 ImapiService ( UnsignedFile.Multi.Generic ) - warning
20:46:34.0859 1820 ImapiService - detected UnsignedFile.Multi.Generic (1)
20:46:34.0875 1820 ini910u - ok
20:46:35.0000 1820 [ AA5EEFCDB0869D45560FAB917316645A ] IntcAzAudAddService C:\WINXP\system32\drivers\RtkHDAud.sys
20:46:35.0125 1820 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0125 1820 IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
20:46:35.0125 1820 IntelIde - ok
20:46:35.0156 1820 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINXP\system32\DRIVERS\intelppm.sys
20:46:35.0156 1820 intelppm ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0156 1820 intelppm - detected UnsignedFile.Multi.Generic (1)
20:46:35.0171 1820 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINXP\system32\DRIVERS\Ip6Fw.sys
20:46:35.0171 1820 Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0171 1820 Ip6Fw - detected UnsignedFile.Multi.Generic (1)
20:46:35.0218 1820 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINXP\system32\DRIVERS\ipfltdrv.sys
20:46:35.0218 1820 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0218 1820 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
20:46:35.0234 1820 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINXP\system32\DRIVERS\ipinip.sys
20:46:35.0234 1820 IpInIp ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0234 1820 IpInIp - detected UnsignedFile.Multi.Generic (1)
20:46:35.0250 1820 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINXP\system32\DRIVERS\ipnat.sys
20:46:35.0265 1820 IpNat ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0265 1820 IpNat - detected UnsignedFile.Multi.Generic (1)
20:46:35.0296 1820 [ 1CB96E83FD76EB5580451CEF29E24303 ] iPod Service C:\Programme\iPod\bin\iPodService.exe
20:46:35.0312 1820 iPod Service - ok
20:46:35.0328 1820 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINXP\system32\DRIVERS\ipsec.sys
20:46:35.0328 1820 IPSec ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0328 1820 IPSec - detected UnsignedFile.Multi.Generic (1)
20:46:35.0359 1820 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINXP\system32\DRIVERS\irenum.sys
20:46:35.0359 1820 IRENUM ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0359 1820 IRENUM - detected UnsignedFile.Multi.Generic (1)
20:46:35.0390 1820 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINXP\system32\DRIVERS\isapnp.sys
20:46:35.0390 1820 isapnp ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0390 1820 isapnp - detected UnsignedFile.Multi.Generic (1)
20:46:35.0437 1820 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
20:46:35.0437 1820 JavaQuickStarterService - ok
20:46:35.0468 1820 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINXP\system32\DRIVERS\kbdclass.sys
20:46:35.0468 1820 Kbdclass ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0468 1820 Kbdclass - detected UnsignedFile.Multi.Generic (1)
20:46:35.0484 1820 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINXP\system32\DRIVERS\kbdhid.sys
20:46:35.0484 1820 kbdhid ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0484 1820 kbdhid - detected UnsignedFile.Multi.Generic (1)
20:46:35.0500 1820 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINXP\system32\drivers\kmixer.sys
20:46:35.0515 1820 kmixer ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0515 1820 kmixer - detected UnsignedFile.Multi.Generic (1)
20:46:35.0531 1820 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINXP\system32\drivers\KSecDD.sys
20:46:35.0531 1820 KSecDD ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0531 1820 KSecDD - detected UnsignedFile.Multi.Generic (1)
20:46:35.0562 1820 [ 41202C42C8D1A4465AB121F806E93F24 ] LanmanServer C:\WINXP\System32\srvsvc.dll
20:46:35.0578 1820 LanmanServer ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0578 1820 LanmanServer - detected UnsignedFile.Multi.Generic (1)
20:46:35.0609 1820 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINXP\System32\wkssvc.dll
20:46:35.0609 1820 lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0609 1820 lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
20:46:35.0609 1820 lbrtfdc - ok
20:46:35.0671 1820 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINXP\System32\lmhsvc.dll
20:46:35.0687 1820 LmHosts ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0687 1820 LmHosts - detected UnsignedFile.Multi.Generic (1)
20:46:35.0734 1820 [ 9AB4171D5F43F172E10CDF6C6D8E4785 ] McComponentHostService C:\Programme\McAfee Security Scan\3.0.229\McCHSvc.exe
20:46:35.0750 1820 McComponentHostService - ok
20:46:35.0765 1820 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINXP\System32\msgsvc.dll
20:46:35.0765 1820 Messenger ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0765 1820 Messenger - detected UnsignedFile.Multi.Generic (1)
20:46:35.0812 1820 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
20:46:35.0828 1820 Microsoft Office Groove Audit Service - ok
20:46:35.0843 1820 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINXP\system32\drivers\mnmdd.sys
20:46:35.0843 1820 mnmdd ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0843 1820 mnmdd - detected UnsignedFile.Multi.Generic (1)
20:46:35.0875 1820 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINXP\system32\mnmsrvc.exe
20:46:35.0875 1820 mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0875 1820 mnmsrvc - detected UnsignedFile.Multi.Generic (1)
20:46:35.0921 1820 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINXP\system32\drivers\Modem.sys
20:46:35.0921 1820 Modem ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0921 1820 Modem - detected UnsignedFile.Multi.Generic (1)
20:46:35.0953 1820 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt C:\WINXP\system32\drivers\Monfilt.sys
20:46:35.0984 1820 Monfilt ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0984 1820 Monfilt - detected UnsignedFile.Multi.Generic (1)
20:46:35.0984 1820 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINXP\system32\DRIVERS\mouclass.sys
20:46:35.0984 1820 Mouclass ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0984 1820 Mouclass - detected UnsignedFile.Multi.Generic (1)
20:46:36.0000 1820 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINXP\system32\DRIVERS\mouhid.sys
20:46:36.0000 1820 mouhid ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0000 1820 mouhid - detected UnsignedFile.Multi.Generic (1)
20:46:36.0015 1820 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINXP\system32\drivers\MountMgr.sys
20:46:36.0015 1820 MountMgr ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0015 1820 MountMgr - detected UnsignedFile.Multi.Generic (1)
20:46:36.0062 1820 MozillaMaintenance - ok
20:46:36.0078 1820 mraid35x - ok
20:46:36.0093 1820 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINXP\system32\DRIVERS\mrxdav.sys
20:46:36.0093 1820 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0093 1820 MRxDAV - detected UnsignedFile.Multi.Generic (1)
20:46:36.0125 1820 [ FB2FCCC70F7174C7BF64F48E96D3ADF4 ] MRxSmb C:\WINXP\system32\DRIVERS\mrxsmb.sys
20:46:36.0125 1820 MRxSmb ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0125 1820 MRxSmb - detected UnsignedFile.Multi.Generic (1)
20:46:36.0171 1820 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINXP\system32\msdtc.exe
20:46:36.0171 1820 MSDTC ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0171 1820 MSDTC - detected UnsignedFile.Multi.Generic (1)
20:46:36.0187 1820 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINXP\system32\drivers\Msfs.sys
20:46:36.0187 1820 Msfs ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0187 1820 Msfs - detected UnsignedFile.Multi.Generic (1)
20:46:36.0203 1820 MSIServer - ok
20:46:36.0250 1820 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINXP\system32\drivers\MSKSSRV.sys
20:46:36.0250 1820 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0250 1820 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
20:46:36.0281 1820 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINXP\system32\drivers\MSPCLOCK.sys
20:46:36.0281 1820 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0281 1820 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
20:46:36.0296 1820 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINXP\system32\drivers\MSPQM.sys
20:46:36.0296 1820 MSPQM ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0296 1820 MSPQM - detected UnsignedFile.Multi.Generic (1)
20:46:36.0312 1820 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINXP\system32\DRIVERS\mssmbios.sys
20:46:36.0312 1820 mssmbios ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0312 1820 mssmbios - detected UnsignedFile.Multi.Generic (1)
20:46:36.0359 1820 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINXP\system32\drivers\Mup.sys
20:46:36.0359 1820 Mup ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0359 1820 Mup - detected UnsignedFile.Multi.Generic (1)
20:46:36.0375 1820 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINXP\System32\qagentrt.dll
20:46:36.0375 1820 napagent ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0375 1820 napagent - detected UnsignedFile.Multi.Generic (1)
20:46:36.0390 1820 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINXP\system32\drivers\NDIS.sys
20:46:36.0390 1820 NDIS ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0390 1820 NDIS - detected UnsignedFile.Multi.Generic (1)
20:46:36.0437 1820 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINXP\system32\DRIVERS\ndistapi.sys
20:46:36.0453 1820 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0453 1820 NdisTapi - detected UnsignedFile.Multi.Generic (1)
20:46:36.0453 1820 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINXP\system32\DRIVERS\ndisuio.sys
20:46:36.0468 1820 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0468 1820 Ndisuio - detected UnsignedFile.Multi.Generic (1)
20:46:36.0468 1820 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINXP\system32\DRIVERS\ndiswan.sys
20:46:36.0484 1820 NdisWan ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0484 1820 NdisWan - detected UnsignedFile.Multi.Generic (1)
20:46:36.0500 1820 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINXP\system32\drivers\NDProxy.sys
20:46:36.0500 1820 NDProxy ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0500 1820 NDProxy - detected UnsignedFile.Multi.Generic (1)
20:46:36.0593 1820 [ 27FE4B70C12A2C67A58D799B9A4E8D81 ] Nero BackItUp Scheduler 4.0 C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
20:46:36.0625 1820 Nero BackItUp Scheduler 4.0 - ok
20:46:36.0625 1820 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINXP\system32\DRIVERS\netbios.sys
20:46:36.0625 1820 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0625 1820 NetBIOS - detected UnsignedFile.Multi.Generic (1)
20:46:36.0640 1820 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINXP\system32\DRIVERS\netbt.sys
20:46:36.0656 1820 NetBT ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0656 1820 NetBT - detected UnsignedFile.Multi.Generic (1)
20:46:36.0671 1820 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINXP\system32\netdde.exe
20:46:36.0687 1820 NetDDE ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0687 1820 NetDDE - detected UnsignedFile.Multi.Generic (1)
20:46:36.0687 1820 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINXP\system32\netdde.exe
20:46:36.0703 1820 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0703 1820 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
20:46:36.0703 1820 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINXP\system32\lsass.exe
20:46:36.0703 1820 Netlogon ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0703 1820 Netlogon - detected UnsignedFile.Multi.Generic (1)
20:46:36.0734 1820 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINXP\System32\netman.dll
20:46:36.0734 1820 Netman ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0734 1820 Netman - detected UnsignedFile.Multi.Generic (1)
20:46:36.0765 1820 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:46:36.0765 1820 NetTcpPortSharing - ok
20:46:36.0781 1820 [ 4AA50627B01C0E9C6B4C6BD3AF648F12 ] Nla C:\WINXP\System32\mswsock.dll
20:46:36.0796 1820 Nla ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0796 1820 Nla - detected UnsignedFile.Multi.Generic (1)
20:46:36.0796 1820 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINXP\system32\drivers\Npfs.sys
20:46:36.0796 1820 Npfs ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0796 1820 Npfs - detected UnsignedFile.Multi.Generic (1)
20:46:36.0812 1820 NTACCESS - ok
20:46:36.0843 1820 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINXP\system32\drivers\Ntfs.sys
20:46:36.0859 1820 Ntfs ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0859 1820 Ntfs - detected UnsignedFile.Multi.Generic (1)
20:46:36.0859 1820 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINXP\system32\lsass.exe
20:46:36.0859 1820 NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0859 1820 NtLmSsp - detected UnsignedFile.Multi.Generic (1)
20:46:36.0890 1820 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINXP\system32\ntmssvc.dll
20:46:36.0906 1820 NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0906 1820 NtmsSvc - detected UnsignedFile.Multi.Generic (1)
20:46:36.0937 1820 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINXP\system32\drivers\Null.sys
20:46:36.0937 1820 Null ( UnsignedFile.Multi.Generic ) - warning
20:46:36.0937 1820 Null - detected UnsignedFile.Multi.Generic (1)
20:46:37.0078 1820 [ F85E109844787668CE8AAB54EF14362A ] nv C:\WINXP\system32\DRIVERS\nv4_mini.sys
20:46:37.0234 1820 nv ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0234 1820 nv - detected UnsignedFile.Multi.Generic (1)
20:46:37.0265 1820 [ CC9275DB74AD57AC0C3EE823F9922298 ] nvsvc C:\WINXP\system32\nvsvc32.exe
20:46:37.0281 1820 nvsvc ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0281 1820 nvsvc - detected UnsignedFile.Multi.Generic (1)
20:46:37.0296 1820 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINXP\system32\DRIVERS\nwlnkflt.sys
20:46:37.0312 1820 NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0312 1820 NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
20:46:37.0328 1820 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINXP\system32\DRIVERS\nwlnkfwd.sys
20:46:37.0328 1820 NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0328 1820 NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
20:46:37.0375 1820 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
20:46:37.0390 1820 odserv - ok
20:46:37.0437 1820 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
20:46:37.0437 1820 ose - ok
20:46:37.0468 1820 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINXP\system32\DRIVERS\parport.sys
20:46:37.0468 1820 Parport ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0468 1820 Parport - detected UnsignedFile.Multi.Generic (1)
20:46:37.0468 1820 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINXP\system32\drivers\PartMgr.sys
20:46:37.0468 1820 PartMgr ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0468 1820 PartMgr - detected UnsignedFile.Multi.Generic (1)
20:46:37.0484 1820 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINXP\system32\drivers\ParVdm.sys
20:46:37.0484 1820 ParVdm ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0484 1820 ParVdm - detected UnsignedFile.Multi.Generic (1)
20:46:37.0515 1820 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINXP\system32\DRIVERS\pccsmcfd.sys
20:46:37.0531 1820 pccsmcfd ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0531 1820 pccsmcfd - detected UnsignedFile.Multi.Generic (1)
20:46:37.0531 1820 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINXP\system32\DRIVERS\pci.sys
20:46:37.0531 1820 PCI ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0531 1820 PCI - detected UnsignedFile.Multi.Generic (1)
20:46:37.0546 1820 PCIDump - ok
20:46:37.0593 1820 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINXP\system32\DRIVERS\pciide.sys
20:46:37.0609 1820 PCIIde ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0609 1820 PCIIde - detected UnsignedFile.Multi.Generic (1)
20:46:37.0640 1820 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINXP\system32\drivers\Pcmcia.sys
20:46:37.0656 1820 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0656 1820 Pcmcia - detected UnsignedFile.Multi.Generic (1)
20:46:37.0656 1820 PDCOMP - ok
20:46:37.0671 1820 PDFRAME - ok
20:46:37.0687 1820 PDRELI - ok
20:46:37.0703 1820 PDRFRAME - ok
20:46:37.0718 1820 perc2 - ok
20:46:37.0734 1820 perc2hib - ok
20:46:37.0781 1820 PLFlash DeviceIoControl Service - ok
20:46:37.0796 1820 [ F0A7D59AF279326528715B206669B86C ] PlugPlay C:\WINXP\system32\services.exe
20:46:37.0812 1820 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0812 1820 PlugPlay - detected UnsignedFile.Multi.Generic (1)
20:46:37.0812 1820 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINXP\system32\lsass.exe
20:46:37.0812 1820 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0812 1820 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
20:46:37.0828 1820 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINXP\system32\DRIVERS\raspptp.sys
20:46:37.0843 1820 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0843 1820 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
20:46:37.0843 1820 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINXP\system32\lsass.exe
20:46:37.0843 1820 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0843 1820 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
20:46:37.0859 1820 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINXP\system32\DRIVERS\psched.sys
20:46:37.0859 1820 PSched ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0859 1820 PSched - detected UnsignedFile.Multi.Generic (1)
20:46:37.0875 1820 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINXP\system32\DRIVERS\ptilink.sys
20:46:37.0875 1820 Ptilink ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0875 1820 Ptilink - detected UnsignedFile.Multi.Generic (1)
20:46:37.0890 1820 ql1080 - ok
20:46:37.0906 1820 Ql10wnt - ok
20:46:37.0921 1820 ql12160 - ok
20:46:37.0937 1820 ql1240 - ok
20:46:37.0953 1820 ql1280 - ok
20:46:37.0968 1820 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINXP\system32\DRIVERS\rasacd.sys
20:46:37.0968 1820 RasAcd ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0968 1820 RasAcd - detected UnsignedFile.Multi.Generic (1)
20:46:37.0984 1820 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINXP\System32\rasauto.dll
20:46:38.0000 1820 RasAuto ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0000 1820 RasAuto - detected UnsignedFile.Multi.Generic (1)
20:46:38.0000 1820 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINXP\system32\DRIVERS\rasl2tp.sys
20:46:38.0000 1820 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0000 1820 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
20:46:38.0031 1820 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINXP\System32\rasmans.dll
20:46:38.0031 1820 RasMan ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0031 1820 RasMan - detected UnsignedFile.Multi.Generic (1)
20:46:38.0031 1820 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINXP\system32\DRIVERS\raspppoe.sys
20:46:38.0046 1820 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0046 1820 RasPppoe - detected UnsignedFile.Multi.Generic (1)
20:46:38.0046 1820 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINXP\system32\DRIVERS\raspti.sys
20:46:38.0062 1820 Raspti ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0062 1820 Raspti - detected UnsignedFile.Multi.Generic (1)
20:46:38.0078 1820 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINXP\system32\DRIVERS\rdbss.sys
20:46:38.0078 1820 Rdbss ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0078 1820 Rdbss - detected UnsignedFile.Multi.Generic (1)
20:46:38.0078 1820 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINXP\system32\DRIVERS\RDPCDD.sys
20:46:38.0093 1820 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0093 1820 RDPCDD - detected UnsignedFile.Multi.Generic (1)
20:46:38.0125 1820 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINXP\system32\DRIVERS\rdpdr.sys
20:46:38.0125 1820 rdpdr ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0125 1820 rdpdr - detected UnsignedFile.Multi.Generic (1)
20:46:38.0156 1820 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINXP\system32\drivers\RDPWD.sys
20:46:38.0171 1820 RDPWD ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0171 1820 RDPWD - detected UnsignedFile.Multi.Generic (1)
20:46:38.0187 1820 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINXP\system32\sessmgr.exe
20:46:38.0187 1820 RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0187 1820 RDSessMgr - detected UnsignedFile.Multi.Generic (1)
20:46:38.0203 1820 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINXP\system32\DRIVERS\redbook.sys
20:46:38.0203 1820 redbook ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0203 1820 redbook - detected UnsignedFile.Multi.Generic (1)
20:46:38.0234 1820 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINXP\System32\mprdim.dll
20:46:38.0234 1820 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0234 1820 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
20:46:38.0250 1820 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINXP\system32\regsvc.dll
20:46:38.0265 1820 RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0265 1820 RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
20:46:38.0281 1820 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINXP\system32\locator.exe
20:46:38.0281 1820 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0281 1820 RpcLocator - detected UnsignedFile.Multi.Generic (1)
20:46:38.0296 1820 [ D3D765E8455A961AE567B408F767D4F9 ] RpcSs C:\WINXP\System32\rpcss.dll
20:46:38.0312 1820 RpcSs ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0312 1820 RpcSs - detected UnsignedFile.Multi.Generic (1)
20:46:38.0328 1820 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINXP\system32\rsvp.exe
20:46:38.0328 1820 RSVP ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0328 1820 RSVP - detected UnsignedFile.Multi.Generic (1)
20:46:38.0359 1820 [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp C:\WINXP\system32\DRIVERS\Rtenicxp.sys
20:46:38.0359 1820 RTLE8023xp ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0359 1820 RTLE8023xp - detected UnsignedFile.Multi.Generic (1)
20:46:38.0375 1820 RushTopDevice2 - ok
20:46:38.0390 1820 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINXP\system32\lsass.exe
20:46:38.0390 1820 SamSs ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0390 1820 SamSs - detected UnsignedFile.Multi.Generic (1)
20:46:38.0437 1820 [ 361094945053C2C04312EF2E5F14EEAF ] SANDRA C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys
20:46:38.0437 1820 SANDRA - ok
20:46:38.0453 1820 [ 201C4CA2BEB6152B0238DEA13F9EE85D ] SandraAgentSrv C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
20:46:38.0468 1820 SandraAgentSrv - ok
20:46:38.0484 1820 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINXP\System32\SCardSvr.exe
20:46:38.0484 1820 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0484 1820 SCardSvr - detected UnsignedFile.Multi.Generic (1)
20:46:38.0515 1820 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINXP\system32\schedsvc.dll
20:46:38.0515 1820 Schedule ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0515 1820 Schedule - detected UnsignedFile.Multi.Generic (1)
20:46:38.0531 1820 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINXP\system32\DRIVERS\secdrv.sys
20:46:38.0531 1820 Secdrv ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0531 1820 Secdrv - detected UnsignedFile.Multi.Generic (1)
20:46:38.0546 1820 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINXP\System32\seclogon.dll
20:46:38.0562 1820 seclogon ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0562 1820 seclogon - detected UnsignedFile.Multi.Generic (1)
20:46:38.0578 1820 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINXP\system32\sens.dll
20:46:38.0578 1820 SENS ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0578 1820 SENS - detected UnsignedFile.Multi.Generic (1)
20:46:38.0593 1820 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINXP\system32\DRIVERS\serenum.sys
20:46:38.0593 1820 serenum ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0593 1820 serenum - detected UnsignedFile.Multi.Generic (1)
20:46:38.0609 1820 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINXP\system32\DRIVERS\serial.sys
20:46:38.0609 1820 Serial ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0609 1820 Serial - detected UnsignedFile.Multi.Generic (1)
20:46:38.0656 1820 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Programme\PC Connectivity Solution\ServiceLayer.exe
20:46:38.0671 1820 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0671 1820 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
20:46:38.0703 1820 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINXP\system32\drivers\Sfloppy.sys
20:46:38.0703 1820 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0703 1820 Sfloppy - detected UnsignedFile.Multi.Generic (1)
20:46:38.0718 1820 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINXP\System32\ipnathlp.dll
20:46:38.0734 1820 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0734 1820 SharedAccess - detected UnsignedFile.Multi.Generic (1)
20:46:38.0750 1820 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINXP\System32\shsvcs.dll
20:46:38.0750 1820 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
20:46:38.0750 1820 ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
20:46:38.0750 1820 Simbad - ok
20:46:39.0000 1820 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:46:39.0062 1820 Skype C2C Service - ok
20:46:39.0109 1820 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
20:46:39.0125 1820 SkypeUpdate - ok
20:46:39.0140 1820 Sparrow - ok
20:46:39.0187 1820 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINXP\system32\drivers\splitter.sys
20:46:39.0187 1820 splitter ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0187 1820 splitter - detected UnsignedFile.Multi.Generic (1)
20:46:39.0218 1820 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINXP\system32\spoolsv.exe
20:46:39.0218 1820 Spooler ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0218 1820 Spooler - detected UnsignedFile.Multi.Generic (1)
20:46:39.0234 1820 sptd - ok
20:46:39.0281 1820 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINXP\system32\DRIVERS\sr.sys
20:46:39.0281 1820 sr ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0281 1820 sr - detected UnsignedFile.Multi.Generic (1)
20:46:39.0312 1820 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINXP\system32\srsvc.dll
20:46:39.0328 1820 srservice ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0328 1820 srservice - detected UnsignedFile.Multi.Generic (1)
20:46:39.0343 1820 [ 9B390283569EA58D43D2586032B892F5 ] Srv C:\WINXP\system32\DRIVERS\srv.sys
20:46:39.0343 1820 Srv ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0343 1820 Srv - detected UnsignedFile.Multi.Generic (1)
20:46:39.0359 1820 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINXP\System32\ssdpsrv.dll
20:46:39.0375 1820 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0375 1820 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
20:46:39.0406 1820 [ 5EC550B8952882EE856B862CF648522D ] ssmdrv C:\WINXP\system32\DRIVERS\ssmdrv.sys
20:46:39.0406 1820 ssmdrv - ok
20:46:39.0437 1820 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\WINXP\system32\DRIVERS\ss_bbus.sys
20:46:39.0453 1820 ss_bbus - ok
20:46:39.0468 1820 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\WINXP\system32\DRIVERS\ss_bmdfl.sys
20:46:39.0484 1820 ss_bmdfl - ok
20:46:39.0500 1820 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\WINXP\system32\DRIVERS\ss_bmdm.sys
20:46:39.0515 1820 ss_bmdm - ok
20:46:39.0546 1820 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINXP\system32\wiaservc.dll
20:46:39.0546 1820 stisvc ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0546 1820 stisvc - detected UnsignedFile.Multi.Generic (1)
20:46:39.0578 1820 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINXP\system32\DRIVERS\swenum.sys
20:46:39.0593 1820 swenum ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0593 1820 swenum - detected UnsignedFile.Multi.Generic (1)
20:46:39.0593 1820 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINXP\system32\drivers\swmidi.sys
20:46:39.0609 1820 swmidi ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0609 1820 swmidi - detected UnsignedFile.Multi.Generic (1)
20:46:39.0609 1820 SwPrv - ok
20:46:39.0625 1820 symc810 - ok
20:46:39.0640 1820 symc8xx - ok
20:46:39.0656 1820 sym_hi - ok
20:46:39.0671 1820 sym_u3 - ok
20:46:39.0687 1820 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINXP\system32\drivers\sysaudio.sys
20:46:39.0703 1820 sysaudio ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0703 1820 sysaudio - detected UnsignedFile.Multi.Generic (1)
20:46:39.0718 1820 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINXP\system32\smlogsvc.exe
20:46:39.0734 1820 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0734 1820 SysmonLog - detected UnsignedFile.Multi.Generic (1)
20:46:39.0750 1820 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINXP\System32\tapisrv.dll
20:46:39.0750 1820 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0750 1820 TapiSrv - detected UnsignedFile.Multi.Generic (1)
20:46:39.0796 1820 [ AD978A1B783B5719720CFF204B666C8E ] Tcpip C:\WINXP\system32\DRIVERS\tcpip.sys
20:46:39.0796 1820 Tcpip ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0796 1820 Tcpip - detected UnsignedFile.Multi.Generic (1)
20:46:39.0828 1820 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINXP\system32\drivers\TDPIPE.sys
20:46:39.0828 1820 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0828 1820 TDPIPE - detected UnsignedFile.Multi.Generic (1)
20:46:39.0843 1820 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINXP\system32\drivers\TDTCP.sys
20:46:39.0859 1820 TDTCP ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0859 1820 TDTCP - detected UnsignedFile.Multi.Generic (1)
20:46:39.0859 1820 [ 88155247177638048422893737429D9E ] TermDD C:\WINXP\system32\DRIVERS\termdd.sys
20:46:39.0875 1820 TermDD ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0875 1820 TermDD - detected UnsignedFile.Multi.Generic (1)
20:46:39.0890 1820 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINXP\System32\termsrv.dll
20:46:39.0890 1820 TermService ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0890 1820 TermService - detected UnsignedFile.Multi.Generic (1)
20:46:39.0906 1820 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINXP\System32\shsvcs.dll
20:46:39.0906 1820 Themes ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0906 1820 Themes - detected UnsignedFile.Multi.Generic (1)
20:46:39.0937 1820 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINXP\system32\tlntsvr.exe
20:46:39.0937 1820 TlntSvr ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0937 1820 TlntSvr - detected UnsignedFile.Multi.Generic (1)
20:46:39.0937 1820 TosIde - ok
20:46:39.0984 1820 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINXP\system32\trkwks.dll
20:46:40.0000 1820 TrkWks ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0000 1820 TrkWks - detected UnsignedFile.Multi.Generic (1)
20:46:40.0031 1820 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINXP\system32\drivers\Udfs.sys
20:46:40.0031 1820 Udfs ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0031 1820 Udfs - detected UnsignedFile.Multi.Generic (1)
20:46:40.0031 1820 ultra - ok
20:46:40.0078 1820 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINXP\system32\DRIVERS\update.sys
20:46:40.0093 1820 Update ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0093 1820 Update - detected UnsignedFile.Multi.Generic (1)
20:46:40.0109 1820 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINXP\System32\upnphost.dll
20:46:40.0109 1820 upnphost ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0109 1820 upnphost - detected UnsignedFile.Multi.Generic (1)
20:46:40.0125 1820 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINXP\System32\ups.exe
20:46:40.0125 1820 UPS ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0125 1820 UPS - detected UnsignedFile.Multi.Generic (1)
20:46:40.0156 1820 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINXP\system32\DRIVERS\usbccgp.sys
20:46:40.0156 1820 usbccgp ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0156 1820 usbccgp - detected UnsignedFile.Multi.Generic (1)
20:46:40.0171 1820 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINXP\system32\DRIVERS\usbehci.sys
20:46:40.0187 1820 usbehci ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0187 1820 usbehci - detected UnsignedFile.Multi.Generic (1)
20:46:40.0203 1820 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINXP\system32\DRIVERS\usbhub.sys
20:46:40.0203 1820 usbhub ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0203 1820 usbhub - detected UnsignedFile.Multi.Generic (1)
20:46:40.0250 1820 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINXP\system32\DRIVERS\usbprint.sys
20:46:40.0250 1820 usbprint ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0250 1820 usbprint - detected UnsignedFile.Multi.Generic (1)
20:46:40.0265 1820 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINXP\system32\DRIVERS\usbscan.sys
20:46:40.0265 1820 usbscan ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0265 1820 usbscan - detected UnsignedFile.Multi.Generic (1)
20:46:40.0281 1820 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINXP\system32\DRIVERS\USBSTOR.SYS
20:46:40.0281 1820 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0281 1820 USBSTOR - detected UnsignedFile.Multi.Generic (1)
20:46:40.0312 1820 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINXP\system32\DRIVERS\usbuhci.sys
20:46:40.0312 1820 usbuhci ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0312 1820 usbuhci - detected UnsignedFile.Multi.Generic (1)
20:46:40.0343 1820 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINXP\System32\drivers\vga.sys
20:46:40.0343 1820 VgaSave ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0343 1820 VgaSave - detected UnsignedFile.Multi.Generic (1)
20:46:40.0359 1820 ViaIde - ok
20:46:40.0406 1820 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINXP\system32\drivers\VolSnap.sys
20:46:40.0406 1820 VolSnap ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0406 1820 VolSnap - detected UnsignedFile.Multi.Generic (1)
20:46:40.0421 1820 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINXP\System32\vssvc.exe
20:46:40.0421 1820 VSS ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0421 1820 VSS - detected UnsignedFile.Multi.Generic (1)
20:46:40.0453 1820 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINXP\system32\w32time.dll
20:46:40.0453 1820 W32Time ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0453 1820 W32Time - detected UnsignedFile.Multi.Generic (1)
20:46:40.0484 1820 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINXP\system32\DRIVERS\wanarp.sys
20:46:40.0484 1820 Wanarp ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0484 1820 Wanarp - detected UnsignedFile.Multi.Generic (1)
20:46:40.0484 1820 WDICA - ok
20:46:40.0515 1820 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINXP\system32\drivers\wdmaud.sys
20:46:40.0515 1820 wdmaud ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0515 1820 wdmaud - detected UnsignedFile.Multi.Generic (1)
20:46:40.0531 1820 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINXP\System32\webclnt.dll
20:46:40.0531 1820 WebClient ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0531 1820 WebClient - detected UnsignedFile.Multi.Generic (1)
20:46:40.0546 1820 [ 1DC273A5F666D68907632F75EE7917DD ] WEBNTACCESS C:\WINXP\system32\NTACCESS.SYS
20:46:40.0546 1820 WEBNTACCESS ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0546 1820 WEBNTACCESS - detected UnsignedFile.Multi.Generic (1)
20:46:40.0593 1820 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINXP\system32\wbem\WMIsvc.dll
20:46:40.0593 1820 winmgmt ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0593 1820 winmgmt - detected UnsignedFile.Multi.Generic (1)
20:46:40.0703 1820 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:46:40.0734 1820 wlidsvc - ok
20:46:40.0781 1820 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINXP\system32\mspmsnsv.dll
20:46:40.0781 1820 WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0781 1820 WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
20:46:40.0796 1820 [ 57FA31A965D8FC3172641A93618FBE9E ] Wmi C:\WINXP\System32\advapi32.dll
20:46:40.0812 1820 Wmi ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0812 1820 Wmi - detected UnsignedFile.Multi.Generic (1)
20:46:40.0859 1820 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINXP\system32\wbem\wmiapsrv.exe
20:46:40.0859 1820 WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0859 1820 WmiApSrv - detected UnsignedFile.Multi.Generic (1)
20:46:40.0906 1820 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
20:46:40.0921 1820 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0921 1820 WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
20:46:40.0953 1820 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINXP\System32\drivers\ws2ifsl.sys
20:46:40.0953 1820 WS2IFSL ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0953 1820 WS2IFSL - detected UnsignedFile.Multi.Generic (1)
20:46:40.0968 1820 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINXP\system32\wscsvc.dll
20:46:40.0984 1820 wscsvc ( UnsignedFile.Multi.Generic ) - warning
20:46:40.0984 1820 wscsvc - detected UnsignedFile.Multi.Generic (1)
20:46:41.0000 1820 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINXP\system32\wuauserv.dll
20:46:41.0015 1820 wuauserv ( UnsignedFile.Multi.Generic ) - warning
20:46:41.0015 1820 wuauserv - detected UnsignedFile.Multi.Generic (1)
20:46:41.0015 1820 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINXP\system32\DRIVERS\WudfPf.sys
20:46:41.0031 1820 WudfPf ( UnsignedFile.Multi.Generic ) - warning
20:46:41.0031 1820 WudfPf - detected UnsignedFile.Multi.Generic (1)
20:46:41.0031 1820 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINXP\system32\DRIVERS\wudfrd.sys
20:46:41.0031 1820 WudfRd ( UnsignedFile.Multi.Generic ) - warning
20:46:41.0031 1820 WudfRd - detected UnsignedFile.Multi.Generic (1)
20:46:41.0046 1820 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINXP\System32\WUDFSvc.dll
20:46:41.0062 1820 WudfSvc ( UnsignedFile.Multi.Generic ) - warning
20:46:41.0062 1820 WudfSvc - detected UnsignedFile.Multi.Generic (1)
20:46:41.0078 1820 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINXP\System32\wzcsvc.dll
20:46:41.0078 1820 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
20:46:41.0078 1820 WZCSVC - detected UnsignedFile.Multi.Generic (1)
20:46:41.0093 1820 XDva398 - ok
20:46:41.0109 1820 XDva399 - ok
20:46:41.0156 1820 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINXP\System32\xmlprov.dll
20:46:41.0156 1820 xmlprov ( UnsignedFile.Multi.Generic ) - warning
20:46:41.0156 1820 xmlprov - detected UnsignedFile.Multi.Generic (1)
20:46:41.0171 1820 ================ Scan global ===============================
20:46:41.0187 1820 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINXP\system32\basesrv.dll
20:46:41.0218 1820 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINXP\system32\winsrv.dll
20:46:41.0218 1820 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINXP\system32\winsrv.dll
20:46:41.0234 1820 [ F0A7D59AF279326528715B206669B86C ] C:\WINXP\system32\services.exe
20:46:41.0234 1820 [Global] - ok
20:46:41.0234 1820 ================ Scan MBR ==================================
20:46:41.0265 1820 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
20:46:41.0515 1820 \Device\Harddisk0\DR0 - ok
20:46:41.0515 1820 ================ Scan VBR ==================================
20:46:41.0515 1820 [ 644D4CFDF254C1161AE952EA98749B2E ] \Device\Harddisk0\DR0\Partition1
20:46:41.0515 1820 \Device\Harddisk0\DR0\Partition1 - ok
20:46:41.0531 1820 [ 1CF5618055684AEB21D16889AA2363EA ] \Device\Harddisk0\DR0\Partition2
20:46:41.0531 1820 \Device\Harddisk0\DR0\Partition2 - ok
20:46:41.0562 1820 [ 3C5EDFCFCE137D60987C2BF30688DF54 ] \Device\Harddisk0\DR0\Partition3
20:46:41.0562 1820 \Device\Harddisk0\DR0\Partition3 - ok
20:46:41.0562 1820 ============================================================
20:46:41.0562 1820 Scan finished
20:46:41.0562 1820 ============================================================
20:46:41.0687 1664 Detected object count: 213
20:46:41.0687 1664 Actual detected object count: 213
20:46:49.0328 1664 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0328 1664 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0328 1664 ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0328 1664 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0343 1664 aec ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0343 1664 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0343 1664 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0343 1664 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0359 1664 Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0359 1664 Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0359 1664 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0359 1664 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0359 1664 Ambfilt ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0359 1664 Ambfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0375 1664 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0375 1664 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0375 1664 AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0375 1664 AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0390 1664 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0390 1664 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0390 1664 AppMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0390 1664 AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0406 1664 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0406 1664 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0406 1664 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0406 1664 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0421 1664 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0421 1664 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0421 1664 AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0421 1664 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0421 1664 audstub ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0421 1664 audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0437 1664 Beep ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0437 1664 Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0437 1664 BITS ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0437 1664 BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0453 1664 Browser ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0453 1664 Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0453 1664 cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0453 1664 cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0468 1664 Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0468 1664 Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0468 1664 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0468 1664 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0484 1664 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0484 1664 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0484 1664 CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0484 1664 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0484 1664 ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0484 1664 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0500 1664 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0500 1664 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0500 1664 DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0500 1664 DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0515 1664 Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0515 1664 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0515 1664 Disk ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0515 1664 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0531 1664 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0531 1664 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0531 1664 dmio ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0531 1664 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0546 1664 dmload ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0546 1664 dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0546 1664 dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0546 1664 dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0546 1664 DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0546 1664 DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0562 1664 Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0562 1664 Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0562 1664 Dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0562 1664 Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0578 1664 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0578 1664 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0578 1664 EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0578 1664 EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0578 1664 ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0578 1664 ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0593 1664 Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0593 1664 Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0593 1664 EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0593 1664 EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0609 1664 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0609 1664 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0609 1664 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0609 1664 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0625 1664 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0625 1664 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0625 1664 Fips ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0625 1664 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0640 1664 FLASHSYS ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0640 1664 FLASHSYS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0640 1664 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0640 1664 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0656 1664 FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0656 1664 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0656 1664 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0656 1664 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0656 1664 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0656 1664 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0671 1664 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0671 1664 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0671 1664 Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0671 1664 Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0687 1664 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0687 1664 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0687 1664 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0687 1664 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0703 1664 helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0703 1664 helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0703 1664 HidServ ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0703 1664 HidServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0718 1664 hidusb ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0718 1664 hidusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0718 1664 hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0718 1664 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0734 1664 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0734 1664 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0734 1664 HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0734 1664 HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0750 1664 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0750 1664 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0750 1664 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0750 1664 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0765 1664 ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0765 1664 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0765 1664 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0765 1664 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0781 1664 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0781 1664 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0781 1664 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0781 1664 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0796 1664 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0796 1664 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0796 1664 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0796 1664 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0812 1664 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0812 1664 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0812 1664 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0812 1664 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0812 1664 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0812 1664 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0828 1664 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0828 1664 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0828 1664 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0828 1664 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0828 1664 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0828 1664 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0843 1664 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0843 1664 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0843 1664 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0843 1664 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0859 1664 LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0859 1664 LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0859 1664 lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0859 1664 lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0875 1664 LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0875 1664 LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0875 1664 Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0875 1664 Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0875 1664 mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0875 1664 mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0890 1664 mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0890 1664 mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0890 1664 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0890 1664 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0906 1664 Monfilt ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0906 1664 Monfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0906 1664 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0906 1664 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0921 1664 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0921 1664 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0921 1664 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0921 1664 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0937 1664 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0937 1664 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0937 1664 MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0937 1664 MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0953 1664 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0953 1664 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0953 1664 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0953 1664 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0953 1664 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0953 1664 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0968 1664 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0968 1664 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0968 1664 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0968 1664 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0984 1664 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0984 1664 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:49.0984 1664 Mup ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:49.0984 1664 Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0000 1664 napagent ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0000 1664 napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0000 1664 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0000 1664 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0015 1664 NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0015 1664 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0015 1664 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0015 1664 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0015 1664 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0015 1664 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0031 1664 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0031 1664 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0031 1664 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0031 1664 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0046 1664 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0046 1664 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0046 1664 NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0046 1664 NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0062 1664 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0062 1664 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0062 1664 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0062 1664 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0078 1664 Netman ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0078 1664 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0078 1664 Nla ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0078 1664 Nla ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0078 1664 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0078 1664 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0093 1664 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0093 1664 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0093 1664 NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0093 1664 NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0093 1664 NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0093 1664 NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0109 1664 Null ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0109 1664 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0109 1664 nv ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0109 1664 nv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0125 1664 nvsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0125 1664 nvsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0125 1664 NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0125 1664 NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0140 1664 NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0140 1664 NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0140 1664 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0140 1664 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0156 1664 PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0156 1664 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0156 1664 ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0156 1664 ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0156 1664 pccsmcfd ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0156 1664 pccsmcfd ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0171 1664 PCI ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0171 1664 PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0171 1664 PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0171 1664 PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0187 1664 Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0187 1664 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0187 1664 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0187 1664 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0203 1664 PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0203 1664 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0203 1664 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0203 1664 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0218 1664 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0218 1664 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0218 1664 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0218 1664 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0218 1664 Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0218 1664 Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0234 1664 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0234 1664 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0234 1664 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0234 1664 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0250 1664 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0250 1664 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0250 1664 RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0250 1664 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0265 1664 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0265 1664 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0265 1664 Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0265 1664 Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0281 1664 Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0281 1664 Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0281 1664 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0281 1664 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0281 1664 rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0281 1664 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0296 1664 RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0296 1664 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0296 1664 RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0296 1664 RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0312 1664 redbook ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0312 1664 redbook ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0312 1664 RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0312 1664 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0328 1664 RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0328 1664 RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0328 1664 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0328 1664 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0328 1664 RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0328 1664 RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0343 1664 RSVP ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0343 1664 RSVP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0343 1664 RTLE8023xp ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0343 1664 RTLE8023xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0359 1664 SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0359 1664 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0359 1664 SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0359 1664 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0359 1664 Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0359 1664 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0375 1664 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0375 1664 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0375 1664 seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0375 1664 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0390 1664 SENS ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0390 1664 SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0390 1664 serenum ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0390 1664 serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0406 1664 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0406 1664 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0406 1664 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0406 1664 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0421 1664 Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0421 1664 Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0421 1664 SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0421 1664 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0421 1664 ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0421 1664 ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0437 1664 splitter ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0437 1664 splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0437 1664 Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0437 1664 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0453 1664 sr ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0453 1664 sr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0453 1664 srservice ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0453 1664 srservice ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0468 1664 Srv ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0468 1664 Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0468 1664 SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0468 1664 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0484 1664 stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0484 1664 stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0484 1664 swenum ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0484 1664 swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0484 1664 swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0484 1664 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0500 1664 sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0500 1664 sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0500 1664 SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0500 1664 SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0515 1664 TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0515 1664 TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0515 1664 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0515 1664 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0531 1664 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0531 1664 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0531 1664 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0531 1664 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0546 1664 TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0546 1664 TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0546 1664 TermService ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0546 1664 TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0546 1664 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0546 1664 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0562 1664 TlntSvr ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0562 1664 TlntSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0562 1664 TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0562 1664 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0578 1664 Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0578 1664 Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0578 1664 Update ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0578 1664 Update ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0578 1664 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0578 1664 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0593 1664 UPS ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0593 1664 UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0593 1664 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0593 1664 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0609 1664 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0609 1664 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0609 1664 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0609 1664 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0625 1664 usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0625 1664 usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0625 1664 usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0625 1664 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0625 1664 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0625 1664 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0640 1664 usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0640 1664 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0640 1664 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0640 1664 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0656 1664 VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0656 1664 VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0656 1664 VSS ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0656 1664 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0671 1664 W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0671 1664 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0671 1664 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0671 1664 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0687 1664 wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0687 1664 wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0687 1664 WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0687 1664 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0687 1664 WEBNTACCESS ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0687 1664 WEBNTACCESS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0703 1664 winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0703 1664 winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0703 1664 WmdmPmSN ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0703 1664 WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0718 1664 Wmi ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0718 1664 Wmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0718 1664 WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0718 1664 WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0734 1664 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0734 1664 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0734 1664 WS2IFSL ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0734 1664 WS2IFSL ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0750 1664 wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0750 1664 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0750 1664 wuauserv ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0750 1664 wuauserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0750 1664 WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0750 1664 WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0765 1664 WudfRd ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0765 1664 WudfRd ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0765 1664 WudfSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0765 1664 WudfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0781 1664 WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0781 1664 WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:50.0781 1664 xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:50.0781 1664 xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 03.10.2012, 18:01

sorry für die wartezeit, war sehr beschäftigt

lade den CCleaner standard:
CCleaner Download - CCleaner 3.23.1823
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

platinman · 04.10.2012, 12:10

Schon ok

Bin froh wenn mir jemand hilft, auch wenn ich in der Zeit wahrscheinlich besser dran gewesen wäre, einfach komplett platt zu machen. Problem is halt, dass ich keine Daten absichern konnte bisher.
Habe auch noch nicht weiter ausprobiert ob ich mit dem normalen Account wieder ins Windows komme. Also ob ich normal starten kann.

Wie viel Arbeit haben wir denn noch vor uns? Sind noch Trojaner und so drauf?

Hier die Liste:

Zitat:

Adobe Flash Player 11 Plugin Adobe Systems Incorporated 16.09.2012 11.3.300.271 notwendig
Adobe Flash Player ActiveX Adobe Systems Incorporated 16.09.2012 9.0.124.0 notwendig
Adobe Reader X (10.1.2) - Deutsch Adobe Systems Incorporated 28.01.2012 122,00MB 10.1.2 notwendig
Alliance of Valiant Arms 20.07.2012 notwendig
Apple Mobile Device Support Apple Inc. 24.03.2010 34,03MB 1.1.4.7 unnötig
Apple Software Update Apple Inc. 24.03.2010 2,15MB 2.0.2.92 unnötig
Aufstieg des Hexenkönigs™ 12.02.2010 notwendig
Avira AntiVir Personal - Free Antivirus Avira GmbH 14.09.2012 notwendig
Call of Duty: Black Ops Treyarch 20.07.2012 notwendig
Call of Duty: Black Ops - Multiplayer Treyarch 20.07.2012 notwendig
CCleaner Piriform 24.09.2012 3.23 notwendig
CloneDVD2 Elaborate Bytes 31.07.2009 notwendig
Demigod Stardock Entertainment, Inc. 02.06.2010 notwendig
Die Schlacht um Mittelerde™ II 05.07.2010 notwendig
Emsisoft Anti-Malware Emsisoft GmbH 27.09.2012 7.0 unnötig
Epson Easy Photo Print 2 SEIKO EPSON CORPORATION 09.10.2010 2.2.0.0 notwendig
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) SEIKO EPSON CORPORATION 09.10.2010 1.00.0000 notwendig
Epson Event Manager SEIKO EPSON CORPORATION 09.10.2010 38,77MB 2.40.0001 notwendig
EPSON Scan Seiko Epson Corporation 09.10.2010 notwendig
EPSON SX218 Series Handbuch 30.09.2012 notwendig
EPSON SX218 Series Printer Uninstall SEIKO EPSON Corporation 28.11.2010 notwendig
FileZilla Client 3.2.7.1 10.09.2010 3.2.7.1 notwendig
Free Audio Converter version 2.0 DVDVideoSoft Limited. 17.08.2010 notwendig
Free Studio version 4.3 DVDVideoSoft Limited. 28.02.2010 unnötig
Google Chrome Google Inc. 04.10.2012 22.0.1229.79 unnötig
ICQ Toolbar ICQ 09.01.2011 3.0.0 unnötig
ICQ7.2 ICQ 09.01.2011 7.2 notwendig
iLivid unnötig
Internet Explorer Toolbar 4.6 by SweetPacks SweetIM Technologies Ltd. 19.06.2012 4,27MB 4.6.0003 unnötig
iTunes Apple Inc. 24.03.2010 73,35MB 7.6.2.9 notwendig
Java(TM) 6 Update 20 Sun Microsystems, Inc. 20.09.2009 91,02MB 6.0.200 notwendig
Java(TM) 7 Update 5 Oracle 20.07.2012 99,33MB 7.0.50 notwendig
JavaFX 2.1.1 Oracle Corporation 20.07.2012 20,88MB 2.1.1 notwendig
LogMeIn Hamachi LogMeIn, Inc. 01.09.2012 2.1.0.215 notwendig
Malwarebytes Anti-Malware Version 1.65.0.1400 Malwarebytes Corporation 26.09.2012 1.65.0.1400 unnötig
McAfee Security Scan Plus McAfee, Inc. 27.06.2012 3.0.229.1 unnötig
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU Microsoft Corporation 06.02.2012 6,18MB 2.1.21022 notwendig
Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 14.06.2012 184,00MB 2.2.30729 notwendig
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU Microsoft Corporation 06.02.2012 16,81MB 3.1.21022 notwendig
Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 24.06.2010 208,00MB 3.2.30729 notwendig
Microsoft .NET Framework 3.5 Language Pack - DEU Microsoft Corporation 06.02.2012 notwendig
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 28.05.2012 notwendig
Microsoft Games for Windows - LIVE Microsoft Corporation 13.01.2011 6,01MB 3.4.54.0 unnötig
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 13.01.2011 32,73MB 3.4.18.0 unnötig
Microsoft Office Enterprise 2007 Microsoft Corporation 13.09.2012 12.0.6425.1000 notwendig
Microsoft Office File Validation Add-In Microsoft Corporation 23.10.2011 11,21MB 14.0.5130.5003 notwendig
Microsoft Office Live Add-in 1.5 Microsoft Corporation 22.04.2012 0,49MB 2.0.4024.1 notwendig
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 05.05.2010 0,11MB 8.0.50727.4053 notwendig
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 09.10.2010 5,25MB 8.0.59193 notwendig
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 16.08.2009 0,15MB 9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 03.08.2009 10,28MB 9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 04.02.2010 10,19MB 9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 25.06.2011 10,20MB 9.0.30729.6161 notwendig
Microsoft Visual J# 2.0 Redistributable Package Microsoft Corporation 17.02.2010 notwendig
MicroVolts 20.07.2012 unbekannt
Mozilla Firefox 15.0.1 (x86 de) Mozilla 18.09.2012 15.0.1 notwendig
Mozilla Maintenance Service Mozilla 14.09.2012 15.0.1 notwendig
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 02.08.2009 2,67MB 4.20.9870.0 notwendig
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 26.11.2009 2,77MB 4.20.9876.0 notwendig
MSXML 4.0 SP2 Parser and SDK Microsoft Corporation 03.05.2010 0,04MB 4.20.9818.0 notwendig
NapkinRace v1.0 steinware 09.04.2012 unbekannt
Nero 9 Nero AG 19.06.2012 notwendig
NVIDIA Drivers NVIDIA Corporation 28.09.2012 1.4 notwendig
NVIDIA nView Desktop Manager NVIDIA Corporation 30.07.2009 125.14 notwendig
NVIDIA PhysX NVIDIA Corporation 31.07.2009 121,00MB 9.09.0428 notwendig
OLYMPUS Master 2 OLYMPUS IMAGING CORP. 03.05.2010 0,19MB 1.0.2 unbekannt
OmniPage Pro 9.0 15.12.2009 unbekannt
Pando Media Booster Pando Networks Inc. 17.04.2011 2.3.5.6 unbekannt
PC Connectivity Solution Nokia 30.05.2010 9,25MB 8.15.0.0 unbekannt
phase-6 2.1.2.3a phase-6 09.09.2012 2.1.2.3a unbekannt
QuickTime Apple Inc. 24.03.2010 78,69MB 7.4.5.67 notwendig
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 31.07.2009 5.10.0.5888 notwendig
SAMSUNG Mobile Composite Device Software 30.05.2010 notwendig
Samsung Mobile Modem Device Software 30.05.2010 notwendig
SAMSUNG Mobile Modem Driver Set 30.05.2010 notwendig
Samsung Mobile phone USB driver Software 30.05.2010 notwendig
SAMSUNG Mobile USB Modem 1.0 Software 30.05.2010
SAMSUNG Mobile USB Modem Software 30.05.2010 notwendig
Samsung New PC Studio Samsung Electronics Co., Ltd. 30.05.2010 1.00.0000 notwendig
Samsung New PC Studio USB Driver Installer Samsung Electronics Co., Ltd. 30.05.2010 1.00.0000 notwendig
SAMSUNG USB Mobile Device Software 30.05.2010 notwendig
SamsungConnectivityCableDriver Samsung 30.05.2010 0,62MB 6.83.6.2.1 notwendig
SiSoftware Sandra Lite 2009.SP3c SiSoftware 31.07.2009 15.99.2009.5 unnötig
Skype Click to Call Skype Technologies S.A. 17.09.2012 16,62MB 6.2.10687 unnötig
Skype™ 5.10 Skype Technologies S.A. 17.09.2012 19,45MB 5.10.116 notwendig
Star Wars Empire at War LucasArts 07.01.2012 1.0 notwendig
Supreme Commander Gas Powered Games 09.10.2010 1.00.0000 notwendig
Supreme Commander - Forged Alliance Gas Powered Games 18.02.2010 1.00.0000 notwendig
SweetIM for Messenger 3.7 SweetIM Technologies Ltd. 19.06.2012 4,93MB 3.7.0005 unbekannt
Team Fortress 2 Valve 20.07.2012 notwendig
TeamSpeak 3 Client TeamSpeak Systems GmbH 20.07.2012 3.0.8 notwendig
TeamViewer 7 TeamViewer 27.06.2012 7.0.12979 notwendig
TubeBox! Jens Lorek 17.08.2010 13,15MB 3.3.11 unbekannt
Update für Windows XP (KB943729) Microsoft Corporation 30.07.2009 notwendig
Update Manager for SweetPacks 1.0 unnötig
VLC media player 0.9.9 VideoLAN Team 07.08.2011 0.9.9 notwendig
Windows Live ID Sign-in Assistant Microsoft Corporation 13.01.2011 4,69MB 6.500.3165.0 unbekannt
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) Nokia 30.05.2010 10/12/2007 6.85.4.0 notwendig
WinZip 16.5 WinZip Computing, S.L. 11.09.2012 58,85MB 16.5.10095 notwendig
Xvid 1.2.2 final uninstall Xvid team (Koepi) 15.08.2009 1.2 notwendig

markusg · 04.10.2012, 14:01

teste obdu in den normalen modus kommst.

platinman · 04.10.2012, 14:11

Leider immernoch das Problem mit dem weißen Bildschirm.

markusg · 04.10.2012, 14:40

hmm, na gut da du ja gesagt hst, du wolltest zeit sparen machen wir neu
1. Datenrettung:

deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
recovery cd oder recovery partition.
falls dies ein fertig pc ist, nenne hersteller + typ.
Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.

platinman · 04.10.2012, 19:11

ok, dann werden wir es so machen.
werde mich heute abend dann mal hinsetzten und schonmal einen teil absichern.

vielen dank bis dato, ich melde mich dann wenn das system neu aufgesetzt ist.

Mein Problem:
Wie komme ich an die Daten des anderen Benutzers heran?

Er bringt mir nur die Meldung, dass ich auf die Dateien keine Zugriffsberechtigung habe. Somit kann ich sie aber auch schlecht absichern.

markusg · 05.10.2012, 16:44

versteh jetzt nicht welchen benutzer du meinst, bist du noch beim daten sichern? das sollst du ja über ubuntu machen und da benötigst du eig keine speziellen berechtigungen und kommst an alle daten

platinman · 07.10.2012, 12:59

Achso, sorry! Bei mir ist der Link (trotz das ich angemeldet war) nicht aufgegangen.
Habe es aber hinbekommen die wichtigen Daten zu speichern (über abgesicherten Modus) und habe jetzt Windows neu aufgesetzt.

Habe den USB-Stick mit dem Panda USB Scanner überprüft und da passt alles, also kann ich die Daten wieder zurückspielen?

Welche weiteren Punkte (außer die unter Punkt 3 erwähnten, gibt es jetzt noch zu erledigen?

04.10.2012, 14:01	#10
markusg /// Malware-holic	Mehrere Trojaner, Malware usw. aufgesammelt teste obdu in den normalen modus kommst. __________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet

Mehrere Trojaner, Malware usw. aufgesammelt

Plagegeister aller Art und deren Bekämpfung: Mehrere Trojaner, Malware usw. aufgesammelt