Pests of all kinds and how to combat them: Virus- Windows -XP Windows 7
If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection. |
20.11.2012, 23:44 | #1 |
| Virus- Windows -XP Hello, I have caught a virus. The screen stays white. I cannot start the laptop in safe mode. I have a laptop with a Windows XP system. I booted the laptop from the Reatogo-X-PE CD and pressed Run Scan. OTLPE created an OTL.txt file and an Extra.txt. I am attaching both files and hope for further instructions. Regards. |
21.11.2012, 12:19 | #2 |
/// Malwareteam | Virus- Windows -XP My name is Marius and I will help you with your problem. One thing up front: Note: We can never guarantee here that we have found all remnants of malware. Formatting is usually the fastest and always the safest way. If you decide on a cleanup, keep working with us until someone from the team tells you that your computer is clean. A cleanup can involve a lot of work for you.
Vista and Win7 users: start all tools with right-click --> "Run as administrator".
Step 1: Fix with OTLPE
Start the computer in normal mode!
Step 2: aswMBR
Please download aswMBR.exe and save the file to your desktop.
Step 3: Scan with TDSS-Killer
Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report. Please download TDSSKiller.exe and save this file to the desktop
__________________ |
24.11.2012, 16:57 | #3 |
| Virus- Windows -XP Many, many thanks for your help!!!
__________________ The file is attached |
26.11.2012, 07:36 | #4 |
/// Malwareteam | Virus- Windows -XP The log from TDSS-Killer is still missing
__________________ No right of asylum for Trojans! Proud Member of UNITE Note: I am only reachable on weekdays! Requests via PM are ignored! Are you satisfied with us? Then support the Trojaner-Board! |
26.11.2012, 10:41 | #5 |
| Virus- Windows -XP Unfortunately I cannot attach it, because the file is too large :-( |
26.11.2012, 15:16 | #6 |
/// Malwareteam | Virus- Windows -XP Post it in code tags, that is the hash symbol at the top of the reply window. [code]The TDSS-Killer log goes here[/code] Result: Code:
The TDSS-Killer log goes here
__________________ |
28.11.2012, 19:51 | #7 |
| Virus- Windows -XP Code:
09:45:59.0218 3352 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 09:45:59.0250 3352 VgaSave - ok 09:45:59.0250 3352 ViaIde - ok 09:45:59.0328 3352 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 09:45:59.0359 3352 VolSnap - ok 09:45:59.0546 3352 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 09:45:59.0703 3352 VSS - ok 09:46:00.0625 3352 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe 09:46:07.0390 3352 vToolbarUpdater13.2.0 - ok 09:46:09.0484 3352 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 09:46:09.0671 3352 W32Time - ok 09:46:09.0734 3352 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 09:46:09.0781 3352 Wanarp - ok 09:46:10.0125 3352 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 09:46:10.0500 3352 Wdf01000 - ok 09:46:10.0515 3352 WDICA - ok 09:46:10.0750 3352 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 09:46:10.0750 3352 wdmaud - ok 09:46:10.0781 3352 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 09:46:10.0781 3352 WebClient - ok 09:46:11.0187 3352 [ 307D248F97835B6879BDD361086924FE ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 09:46:11.0546 3352 winachsf - ok 09:46:11.0875 3352 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 09:46:14.0500 3352 winmgmt - ok 09:46:21.0843 3352 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 09:46:21.0875 3352 WmdmPmSN - ok 09:46:22.0593 3352 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 09:46:22.0609 3352 WmiAcpi - ok 09:46:22.0671 3352 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 09:46:25.0390 3352 WmiApSrv - 
ok 09:46:29.0140 3352 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 09:46:31.0703 3352 WMPNetworkSvc - ok 09:46:31.0750 3352 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys 09:46:31.0750 3352 WpdUsb - ok 09:46:31.0796 3352 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 09:46:31.0828 3352 wscsvc - ok 09:46:31.0875 3352 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 09:46:31.0875 3352 WSTCODEC - ok 09:46:31.0953 3352 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 09:46:31.0968 3352 wuauserv - ok 09:46:32.0046 3352 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 09:46:32.0062 3352 WudfPf - ok 09:46:32.0156 3352 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 09:46:32.0187 3352 WudfRd - ok 09:46:32.0203 3352 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 09:46:32.0218 3352 WudfSvc - ok 09:46:32.0796 3352 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 09:46:33.0218 3352 WZCSVC - ok 09:46:33.0453 3352 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 09:46:33.0546 3352 xmlprov - ok 09:46:33.0562 3352 ================ Scan global =============================== 09:46:33.0703 3352 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 09:46:33.0812 3352 [ E9B93B97B1A2965144361F4FD8BD2BEF ] C:\WINDOWS\system32\winsrv.dll 09:46:35.0218 3352 [ E9B93B97B1A2965144361F4FD8BD2BEF ] C:\WINDOWS\system32\winsrv.dll 09:46:36.0312 3352 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 09:46:36.0312 3352 [Global] - ok 09:46:36.0312 3352 ================ Scan MBR ================================== 09:46:36.0359 3352 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 09:46:49.0671 3352 \Device\Harddisk0\DR0 - 
ok 09:46:49.0671 3352 ================ Scan VBR ================================== 09:46:49.0703 3352 [ F98956A5DE3C95D4C26C756CA1365B25 ] \Device\Harddisk0\DR0\Partition1 09:46:49.0765 3352 \Device\Harddisk0\DR0\Partition1 - ok 09:46:49.0765 3352 ============================================================ 09:46:49.0765 3352 Scan finished 09:46:49.0765 3352 ============================================================ 09:46:49.0781 1844 Detected object count: 1 09:46:49.0781 1844 Actual detected object count: 1 09:47:26.0218 1844 avgtp ( ForgedFile.Multi.Generic ) - skipped by user 09:47:26.0218 1844 avgtp ( ForgedFile.Multi.Generic ) - User select action: Skip 09:47:31.0281 1928 ============================================================ 09:47:31.0281 1928 Scan started 09:47:31.0281 1928 Mode: Manual; 09:47:31.0281 1928 ============================================================ 09:47:41.0328 1928 ================ Scan system memory ======================== 09:47:41.0328 1928 System memory - ok 09:47:41.0328 1928 ================ Scan services ============================= 09:48:07.0328 1928 Abiosdsk - ok 09:48:07.0328 1928 abp480n5 - ok 09:48:08.0671 1928 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 09:48:08.0875 1928 ACPI - ok 09:48:19.0203 1928 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 09:48:19.0281 1928 ACPIEC - ok 09:48:19.0281 1928 adpu160m - ok 09:48:21.0125 1928 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 09:48:21.0296 1928 aec - ok 09:48:21.0734 1928 [ 7E775010EF291DA96AD17CA4B17137D7 ] AFD C:\WINDOWS\System32\drivers\afd.sys 09:48:21.0875 1928 AFD - ok 09:48:21.0890 1928 Aha154x - ok 09:48:21.0890 1928 aic78u2 - ok 09:48:21.0890 1928 aic78xx - ok 09:48:21.0953 1928 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 09:48:21.0984 1928 Alerter - ok 09:48:22.0234 1928 [ 190CD73D4984F94D823F9444980513E5 ] ALG 
C:\WINDOWS\System32\alg.exe 09:48:22.0265 1928 ALG - ok 09:48:22.0281 1928 AliIde - ok 09:48:22.0281 1928 amsint - ok 09:48:22.0296 1928 AppMgmt - ok 09:48:22.0500 1928 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 09:48:22.0531 1928 Arp1394 - ok 09:48:22.0546 1928 asc - ok 09:48:22.0546 1928 asc3350p - ok 09:48:22.0562 1928 asc3550 - ok 09:48:22.0765 1928 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 09:48:22.0781 1928 AsyncMac - ok 09:48:22.0859 1928 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 09:48:22.0890 1928 atapi - ok 09:48:22.0906 1928 Atdisk - ok 09:48:22.0968 1928 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 09:48:22.0968 1928 Atmarpc - ok 09:48:22.0984 1928 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 09:48:23.0031 1928 AudioSrv - ok 09:48:23.0281 1928 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 09:48:23.0296 1928 audstub - ok 09:48:39.0734 1928 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Programme\AVG\AVG2012\avgidsagent.exe 09:48:39.0781 1928 AVGIDSAgent - ok 09:48:39.0828 1928 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys 09:48:39.0875 1928 AVGIDSDriver - ok 09:48:40.0015 1928 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys 09:48:40.0046 1928 AVGIDSFilter - ok 09:48:40.0156 1928 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys 09:48:40.0187 1928 AVGIDSHX - ok 09:48:40.0265 1928 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys 09:48:40.0281 1928 AVGIDSShim - ok 09:48:40.0437 1928 [ DCB09125C8B4766A88C86914B65487C1 ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys 09:48:40.0562 1928 Avgldx86 - ok 09:48:40.0750 1928 [ 
CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys 09:48:40.0765 1928 Avgmfx86 - ok 09:48:40.0828 1928 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys 09:48:40.0859 1928 Avgrkx86 - ok 09:48:41.0156 1928 [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys 09:48:41.0187 1928 Avgtdix - ok 09:48:41.0250 1928 [ F809FCB3E7656E3B1CE0FF288689A853 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys 09:48:41.0250 1928 Suspicious file (Forged): C:\WINDOWS\system32\drivers\avgtpx86.sys. Real md5: F809FCB3E7656E3B1CE0FF288689A853, Fake md5: 4A0F19D926392115FE29EDF9CBB48BDC 09:48:41.0250 1928 avgtp ( ForgedFile.Multi.Generic ) - warning 09:48:41.0250 1928 avgtp - detected ForgedFile.Multi.Generic (1) 09:48:41.0328 1928 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Programme\AVG\AVG2012\avgwdsvc.exe 09:48:41.0343 1928 avgwd - ok 09:48:41.0406 1928 [ F96038AA1EC4013A93D2420FC689D1E9 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys 09:48:41.0437 1928 b57w2k - ok 09:48:41.0968 1928 [ E9EA635B8432D68F0005B3F6CEBAB837 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 09:48:42.0609 1928 BCM43XX - ok 09:48:43.0390 1928 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 09:48:43.0390 1928 Beep - ok 09:48:43.0656 1928 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 09:48:43.0812 1928 BITS - ok 09:48:44.0593 1928 [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser C:\WINDOWS\System32\browser.dll 09:48:44.0609 1928 Browser - ok 09:48:46.0656 1928 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 09:48:46.0687 1928 cbidf2k - ok 09:48:48.0656 1928 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 09:48:48.0687 1928 CCDECODE - ok 09:48:48.0687 1928 cd20xrnt - ok 09:48:48.0765 1928 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 09:48:48.0781 
1928 Cdaudio - ok 09:48:48.0890 1928 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 09:48:48.0906 1928 Cdfs - ok 09:48:49.0046 1928 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 09:48:49.0062 1928 Cdrom - ok 09:48:49.0078 1928 Changer - ok 09:48:50.0078 1928 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 09:48:50.0109 1928 CiSvc - ok 09:48:50.0343 1928 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 09:48:50.0359 1928 ClipSrv - ok 09:48:59.0562 1928 [ 7FA87325900183197BC9710D1CE4C9FA ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:48:59.0625 1928 clr_optimization_v2.0.50727_32 - ok 09:48:59.0718 1928 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys 09:48:59.0734 1928 CmBatt - ok 09:48:59.0750 1928 CmdIde - ok 09:48:59.0781 1928 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 09:48:59.0781 1928 Compbatt - ok 09:48:59.0781 1928 COMSysApp - ok 09:48:59.0796 1928 Cpqarray - ok 09:48:59.0859 1928 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 09:48:59.0875 1928 CryptSvc - ok 09:48:59.0875 1928 dac2w2k - ok 09:48:59.0875 1928 dac960nt - ok 09:49:00.0359 1928 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 09:49:00.0687 1928 DcomLaunch - ok 09:49:00.0843 1928 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 09:49:00.0890 1928 Dhcp - ok 09:49:01.0062 1928 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 09:49:01.0093 1928 Disk - ok 09:49:01.0140 1928 [ 060DB81DFB79C8244EB65D10B6C7873F ] DKbFltr C:\WINDOWS\system32\DRIVERS\DKbFltr.sys 09:49:01.0171 1928 DKbFltr - ok 09:49:01.0187 1928 dmadmin - ok 09:49:01.0609 1928 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 09:49:02.0250 1928 
dmboot - ok 09:49:02.0562 1928 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 09:49:02.0718 1928 dmio - ok 09:49:02.0906 1928 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 09:49:02.0921 1928 dmload - ok 09:49:03.0015 1928 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 09:49:03.0031 1928 dmserver - ok 09:49:03.0578 1928 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 09:49:03.0609 1928 DMusic - ok 09:49:03.0703 1928 [ 8C9ED3B2834AAE63081AB2DA831C6FE9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 09:49:03.0750 1928 Dnscache - ok 09:49:03.0921 1928 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 09:49:03.0937 1928 Dot3svc - ok 09:49:03.0937 1928 dpti2o - ok 09:49:04.0031 1928 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 09:49:04.0046 1928 drmkaud - ok 09:49:04.0140 1928 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 09:49:04.0156 1928 EapHost - ok 09:49:04.0218 1928 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 09:49:04.0218 1928 ERSvc - ok 09:49:04.0312 1928 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 09:49:04.0343 1928 Eventlog - ok 09:49:04.0406 1928 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 09:49:04.0421 1928 EventSystem - ok 09:49:04.0531 1928 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 09:49:04.0656 1928 Fastfat - ok 09:49:04.0781 1928 [ 40602EBFBE06AA075C8E4560743F6883 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 09:49:04.0796 1928 FastUserSwitchingCompatibility - ok 09:49:04.0828 1928 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 09:49:04.0828 1928 Fdc - ok 09:49:04.0843 1928 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips 
C:\WINDOWS\system32\drivers\Fips.sys 09:49:04.0843 1928 Fips - ok 09:49:04.0875 1928 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 09:49:04.0875 1928 Flpydisk - ok 09:49:04.0921 1928 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys 09:49:04.0921 1928 FltMgr - ok 09:49:05.0031 1928 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 09:49:05.0062 1928 FontCache3.0.0.0 - ok 09:49:05.0062 1928 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 09:49:05.0062 1928 Fs_Rec - ok 09:49:05.0109 1928 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 09:49:05.0109 1928 Ftdisk - ok 09:49:05.0171 1928 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 09:49:05.0171 1928 Gpc - ok 09:49:05.0218 1928 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 09:49:05.0250 1928 HDAudBus - ok 09:49:05.0296 1928 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 09:49:05.0296 1928 helpsvc - ok 09:49:05.0312 1928 HidServ - ok 09:49:05.0375 1928 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 09:49:05.0375 1928 HidUsb - ok 09:49:05.0406 1928 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 09:49:05.0406 1928 hkmsvc - ok 09:49:05.0421 1928 hpn - ok 09:49:05.0531 1928 [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 09:49:05.0562 1928 HSFHWAZL - ok 09:49:05.0640 1928 [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 09:49:06.0359 1928 HSF_DPV - ok 09:49:06.0421 1928 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 09:49:06.0453 1928 HTTP - ok 09:49:06.0484 1928 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter 
C:\WINDOWS\System32\w3ssl.dll 09:49:06.0500 1928 HTTPFilter - ok 09:49:06.0500 1928 i2omgmt - ok 09:49:06.0515 1928 i2omp - ok 09:49:06.0578 1928 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 09:49:06.0593 1928 i8042prt - ok 09:49:07.0375 1928 [ 28423512370705AEDA6A652FEDB25468 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 09:49:08.0109 1928 ialm - ok 09:49:08.0156 1928 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 09:49:08.0156 1928 Imapi - ok 09:49:08.0250 1928 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 09:49:08.0390 1928 ImapiService - ok 09:49:08.0406 1928 ini910u - ok 09:49:08.0812 1928 [ B45A576AD280DD4F605F58B24CDAAFE1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 09:49:10.0484 1928 IntcAzAudAddService - ok 09:49:10.0484 1928 IntelIde - ok 09:49:10.0546 1928 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 09:49:10.0562 1928 intelppm - ok 09:49:10.0593 1928 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 09:49:10.0593 1928 Ip6Fw - ok 09:49:10.0671 1928 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 09:49:10.0671 1928 IpFilterDriver - ok 09:49:10.0671 1928 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 09:49:10.0687 1928 IpInIp - ok 09:49:10.0718 1928 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 09:49:10.0718 1928 IpNat - ok 09:49:10.0765 1928 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 09:49:10.0765 1928 IPSec - ok 09:49:10.0812 1928 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 09:49:10.0812 1928 irda - ok 09:49:10.0968 1928 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 09:49:10.0984 1928 IRENUM - ok 09:49:11.0000 1928 [ 
2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll 09:49:11.0015 1928 Irmon - ok 09:49:11.0078 1928 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 09:49:11.0093 1928 isapnp - ok 09:49:11.0375 1928 [ 9AE07549A0D691A103FAF8946554BDB7 ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe 09:49:11.0375 1928 JavaQuickStarterService - ok 09:49:11.0453 1928 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 09:49:11.0484 1928 Kbdclass - ok 09:49:11.0625 1928 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 09:49:11.0750 1928 kmixer - ok 09:49:11.0828 1928 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 09:49:11.0859 1928 KSecDD - ok 09:49:11.0906 1928 [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll 09:49:11.0921 1928 LanmanServer - ok 09:49:12.0000 1928 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 09:49:12.0125 1928 lanmanworkstation - ok 09:49:12.0125 1928 lbrtfdc - ok 09:49:12.0171 1928 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 09:49:12.0187 1928 LmHosts - ok 09:49:12.0265 1928 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe 09:49:12.0281 1928 McComponentHostService - ok 09:49:12.0343 1928 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 09:49:12.0390 1928 mdmxsdk - ok 09:49:12.0468 1928 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 09:49:12.0500 1928 Messenger - ok 09:49:12.0546 1928 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 09:49:12.0546 1928 mnmdd - ok 09:49:13.0140 1928 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 09:49:13.0156 1928 mnmsrvc - ok 09:49:13.0171 1928 [ 
6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 09:49:13.0171 1928 Modem - ok 09:49:13.0187 1928 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 09:49:13.0187 1928 Mouclass - ok 09:49:13.0234 1928 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 09:49:13.0234 1928 mouhid - ok 09:49:13.0265 1928 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 09:49:13.0265 1928 MountMgr - ok 09:49:13.0265 1928 mraid35x - ok 09:49:13.0281 1928 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 09:49:13.0281 1928 MRxDAV - ok 09:49:13.0359 1928 [ F3AEFB11ABC521122B67095044169E98 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 09:49:13.0375 1928 MRxSmb - ok 09:49:13.0437 1928 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 09:49:13.0437 1928 MSDTC - ok 09:49:13.0468 1928 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 09:49:13.0468 1928 Msfs - ok 09:49:13.0468 1928 MSIServer - ok 09:49:13.0515 1928 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 09:49:13.0531 1928 MSKSSRV - ok 09:49:13.0578 1928 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 09:49:13.0593 1928 MSPCLOCK - ok 09:49:13.0593 1928 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 09:49:13.0609 1928 MSPQM - ok 09:49:13.0640 1928 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 09:49:13.0640 1928 mssmbios - ok 09:49:13.0718 1928 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 09:49:13.0718 1928 MSTEE - ok 09:49:13.0734 1928 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 09:49:13.0734 1928 Mup - ok 09:49:13.0765 1928 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC 
C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 09:49:13.0765 1928 NABTSFEC - ok 09:49:13.0812 1928 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 09:49:13.0828 1928 napagent - ok 09:49:14.0406 1928 [ 0D01287D85B3715FA8270E8EC919B7F7 ] NBService C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe 09:49:14.0421 1928 NBService - ok 09:49:14.0453 1928 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 09:49:14.0453 1928 NDIS - ok 09:49:14.0468 1928 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 09:49:14.0468 1928 NdisIP - ok 09:49:14.0531 1928 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 09:49:14.0546 1928 NdisTapi - ok 09:49:14.0593 1928 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 09:49:14.0609 1928 Ndisuio - ok 09:49:14.0656 1928 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 09:49:14.0703 1928 NdisWan - ok 09:49:19.0296 1928 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 09:49:19.0312 1928 NDProxy - ok 09:49:19.0328 1928 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 09:49:19.0343 1928 NetBIOS - ok 09:49:19.0359 1928 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 09:49:19.0375 1928 NetBT - ok 09:49:19.0453 1928 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 09:49:19.0468 1928 NetDDE - ok 09:49:19.0468 1928 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 09:49:19.0468 1928 NetDDEdsdm - ok 09:49:19.0484 1928 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 09:49:19.0484 1928 Netlogon - ok 09:49:19.0515 1928 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 09:49:19.0609 1928 Netman - ok 09:49:19.0671 1928 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] 
NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 09:49:19.0671 1928 NIC1394 - ok 09:49:19.0765 1928 [ ACD8BD448A74F344D46FCAF21BAB92AF ] Nla C:\WINDOWS\System32\mswsock.dll 09:49:19.0937 1928 Nla - ok 09:49:21.0375 1928 [ C4EBBBD7165BE535F0BFD06B80601D91 ] NMIndexingService C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe 09:49:21.0406 1928 NMIndexingService - ok 09:49:22.0953 1928 [ C82F4CC10AD315B6D6BCB14D0A7CAD66 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys 09:49:22.0968 1928 nmwcd - ok 09:49:23.0015 1928 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 09:49:23.0015 1928 Npfs - ok 09:49:23.0062 1928 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys 09:49:23.0062 1928 NSCIRDA - ok 09:49:24.0484 1928 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 09:49:24.0750 1928 Ntfs - ok 09:49:24.0765 1928 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 09:49:24.0765 1928 NtLmSsp - ok 09:49:25.0125 1928 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 09:49:25.0484 1928 NtmsSvc - ok 09:49:25.0687 1928 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 09:49:25.0703 1928 Null - ok 09:49:25.0750 1928 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 09:49:25.0781 1928 NwlnkFlt - ok 09:49:25.0796 1928 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 09:49:25.0796 1928 NwlnkFwd - ok 09:49:25.0828 1928 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 09:49:25.0843 1928 ohci1394 - ok 09:49:26.0015 1928 [ 3F24EAEB165328E00D687BF3B60A448A ] PAC207 C:\WINDOWS\system32\DRIVERS\pfc027.sys 09:49:26.0031 1928 PAC207 - ok 09:49:26.0062 1928 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys 09:49:26.0078 1928 Parport - ok 09:49:26.0109 1928 [ 
09:49:38.0843 1928 ================ Scan global ===============================
09:49:38.0890 1928 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
09:49:38.0953 1928 [ E9B93B97B1A2965144361F4FD8BD2BEF ] C:\WINDOWS\system32\winsrv.dll
09:49:38.0984 1928 [ E9B93B97B1A2965144361F4FD8BD2BEF ] C:\WINDOWS\system32\winsrv.dll
09:49:39.0000 1928 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
09:49:39.0000 1928 [Global] - ok
09:49:39.0000 1928 ================ Scan MBR ==================================
09:49:39.0031 1928 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
09:49:39.0234 1928 \Device\Harddisk0\DR0 - ok
09:49:39.0234 1928 ================ Scan VBR ==================================
09:49:39.0250 1928 [ F98956A5DE3C95D4C26C756CA1365B25 ] \Device\Harddisk0\DR0\Partition1
09:49:39.0250 1928 \Device\Harddisk0\DR0\Partition1 - ok
09:49:39.0250 1928 ============================================================
09:49:39.0250 1928 Scan finished
09:49:39.0250 1928 ============================================================
09:49:39.0265 2312 Detected object count: 1
09:49:39.0265 2312 Actual detected object count: 1
09:50:07.0640 2312 avgtp ( ForgedFile.Multi.Generic ) - skipped by user
09:50:07.0640 2312 avgtp ( ForgedFile.Multi.Generic ) - User select action: Skip |
29.11.2012, 07:06 | #8 |
/// Malwareteam | Virus- Windows -XP
Step 1: AdwCleaner
Please download AdwCleaner to your desktop.
Step 2: OTL
Please download OTL by OldTimer and save it to your desktop (if you don't already have it).
__________________ No right of asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you happy with us? Then support the Trojaner-Board! |
29.11.2012, 18:46 | #9 |
| Virus- Windows -XP Code:
plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! 
WebRep = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: AVG Safe Search = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\ CHR - Extension: AVG Safe Search = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\ CHR - Extension: Skype Click to Call = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ CHR - Extension: AVG Do Not Track = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll () O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVG_TRAY] C:\Programme\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Programme\AVG Secure Search\ROC_ROC_JULY_P1.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [vProt] C:\Programme\AVG Secure Search\vprot.exe () O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296671111013 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B3BC3C8-4111-43DA-81EB-AF665E0AF886}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.02.02 18:09:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{306ccbc6-55c0-11e1-9846-001e4ca5ca2e}\Shell - "" = AutoRun O33 - MountPoints2\{306ccbc6-55c0-11e1-9846-001e4ca5ca2e}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{306ccbc6-55c0-11e1-9846-001e4ca5ca2e}\Shell\AutoRun\command - "" = E:\Install.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.11.29 18:46:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\WinXP\Desktop\OTL.exe [2012.11.25 17:41:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2012.11.25 17:40:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.11.24 09:42:45 | 002,213,976 | 
---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\WinXP\Desktop\tdsskiller.exe [2012.11.24 09:20:51 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\WinXP\Desktop\aswMBR.exe [2012.11.21 04:14:01 | 000,000,000 | ---D | C] -- C:\_OTL ========== Files - Modified Within 30 Days ========== [2012.11.29 18:47:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\WinXP\Desktop\OTL.exe [2012.11.29 18:32:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.11.29 18:21:38 | 000,480,125 | ---- | M] () -- C:\Dokumente und Einstellungen\WinXP\Desktop\adwcleaner.exe [2012.11.29 14:25:37 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [2012.11.29 13:36:36 | 101,618,651 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm [2012.11.28 19:07:03 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.11.25 18:05:07 | 000,114,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.11.25 17:58:31 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.11.25 17:42:28 | 000,141,227 | ---- | M] () -- C:\logfile [2012.11.25 17:41:18 | 000,316,594 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.11.25 17:41:18 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.11.25 17:41:18 | 000,048,156 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.11.25 17:41:18 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.11.25 15:19:13 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2012.11.24 09:43:06 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\WinXP\Desktop\tdsskiller.exe [2012.11.24 09:39:25 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\WinXP\Desktop\MBR.dat [2012.11.24 09:22:27 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\WinXP\Desktop\aswMBR.exe [2012.11.24 08:54:36 | 000,000,047 | ---- | M] () -- C:\Dokumente und 
Einstellungen\WinXP\Anwendungsdaten\msconfig.ini [2012.11.20 22:33:39 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.11.10 09:31:51 | 000,026,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2012.11.05 07:50:27 | 000,148,480 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mbb [2012.11.05 07:50:25 | 000,102,400 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mb ========== Files Created - No Company Name ========== [2012.11.29 18:21:30 | 000,480,125 | ---- | C] () -- C:\Dokumente und Einstellungen\WinXP\Desktop\adwcleaner.exe [2012.11.24 09:39:25 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\WinXP\Desktop\MBR.dat [2012.11.19 15:17:23 | 000,000,047 | ---- | C] () -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\msconfig.ini [2012.09.04 09:06:15 | 000,026,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2012.08.22 12:46:45 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2012.04.29 19:31:20 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.04.17 19:08:57 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe [2012.04.17 19:08:44 | 000,010,240 | R--- | C] () -- C:\WINDOWS\System32\PA207Usd.dll [2012.04.17 19:08:43 | 000,162,176 | R--- | C] () -- C:\WINDOWS\System32\drivers\pfc027.sys [2011.10.20 15:21:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.07.01 15:31:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011.02.03 10:55:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011.02.03 10:19:34 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll [2011.02.03 10:19:33 | 000,910,464 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll [2011.02.02 19:16:57 | 000,049,152 | ---- | C] () -- 
C:\WINDOWS\System32\ChCfg.exe [2011.02.02 18:11:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011.02.02 18:06:49 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011.02.02 18:00:07 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011.02.02 17:58:49 | 000,114,176 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2010.11.05 06:04:20 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 06:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Code:
ATTFilter OTL Extras logfile created on: 29.11.2012 18:48:29 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\WinXP\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1014,36 Mb Total Physical Memory | 212,78 Mb Available Physical Memory | 20,98% Memory free 2,38 Gb Paging File | 1,55 Gb Available in Paging File | 65,02% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 111,78 Gb Total Space | 102,23 Gb Free Space | 91,46% Space Free | Partition Type: NTFS Computer Name: WINXP-6005ED2CF | User Name: WinXP | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) 
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Programme\AVG\AVG10\avgmfapx.exe" = C:\Programme\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG-Installationsprogramm "C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\Limewire Plus+\limewire.exe" = C:\Programme\Limewire Plus+\limewire.exe:*:Disabled:LimeWire p2p for windows "C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation) "C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Programme\AVG\AVG2012\avgmfapx.exe" = C:\Programme\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG-Installationsprogramm -- (AVG Technologies CZ, s.r.o.) "C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater "C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare "C:\Programme\AVG\AVG2012\avgnsx.exe" = C:\Programme\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.) "C:\Programme\AVG\AVG2012\avgdiagex.exe" = C:\Programme\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnose 2012 -- (AVG Technologies CZ, s.r.o.) "C:\Programme\AVG\AVG2012\avgemcx.exe" = C:\Programme\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-Mail-Scanner -- (AVG Technologies CZ, s.r.o.) 
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1DFFB787-735E-371B-9C43-1321C10B4335}" = Microsoft .NET Framework 2.0 Client Service Pack 2 - Language Pack (DEU) "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54C085D1-53E9-3768-B1B9-6018671D4882}" = Microsoft .NET Framework 3.0 Client Profile - Language Pack (DEU) "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2 "{AAB93551-3FFE-42B2-8315-96252BBC1031}" = Nero 7 Essentials "{ABEC4C47-2E98-49BF-AF8E-06316B6B2BB9}" = AVG 2012 "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch "{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller "{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F7172E9B-1145-3768-94E6-8477A73E860F}" = Microsoft .NET Framework 3.5 Client Profile - Language Pack (DEU) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AVG" = AVG 2012 "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP "DealPly" = DealPly "HDMI" = Intel(R) Graphics Media Accelerator Driver "ie8" = Windows Internet Explorer 8 "InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers. 
"LManager" = Launch Manager "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft.Net.Client.3.5.LangPack.deu" = Microsoft .NET Framework Client Profile Language Pack - DEU "Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "VLC media player" = VLC media player 1.1.7 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 15.11.2012 14:33:51 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 15.11.2012 14:38:37 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 16.11.2012 08:20:17 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 25.11.2012 12:43:09 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905 Description = Produkt: ESScore -- Fehler 1905. Fehler beim Entfernen von Modul C:\Programme\Kodak\Kodak EasyShare software\bin\vdt.dll aus der Registrierung. HRESULT . Bitte wenden Sie sich an Ihren Support. Error - 25.11.2012 12:43:26 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905 Description = Product: ESSgui -- Error 1905.Module C:\Programme\Kodak\Kodak EasyShare software\bin\ESCom.dll failed to unregister. HRESULT . 
Contact your support personnel. Error - 25.11.2012 12:46:26 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905 Description = Product: PCDADDIN -- Error 1905.Module C:\Programme\Kodak\Kodak EasyShare software\AddIn\VPCD.dll failed to unregister. HRESULT . Contact your support personnel. Error - 25.11.2012 12:46:26 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905 Description = Product: PCDADDIN -- Error 1905.Module C:\Programme\Kodak\Kodak EasyShare software\AddIn\Atlbutn.dll failed to unregister. HRESULT . Contact your support personnel. Error - 25.11.2012 12:46:26 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905 Description = Product: PCDADDIN -- Error 1905.Module C:\Programme\Kodak\Kodak EasyShare software\AddIn\VistaPCD.cyx failed to unregister. HRESULT . Contact your support personnel. Error - 26.11.2012 03:29:58 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 26.11.2012 09:24:44 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. [ System Events ] Error - 29.11.2012 13:33:27 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811 Description = Generate Activation Context ist für C:\Programme\AVG\AVG2012\avgse.dll fehlgeschlagen. Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet. . Error - 29.11.2012 13:33:58 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842784 Description = Abhängige Assemblierung "Microsoft.VC90.MFC" konnte nicht gefunden werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer installiert. 
Error - 29.11.2012 13:33:58 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly ist für Microsoft.VC90.MFC fehlgeschlagen. Referenzfehlermeldung: Die referenzierte Assemblierung ist nicht auf dem Computer installiert. . Error - 29.11.2012 13:33:58 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811 Description = Generate Activation Context ist für C:\Programme\AVG\AVG2012\avgse.dll fehlgeschlagen. Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet. . Error - 29.11.2012 13:34:07 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842784 Description = Abhängige Assemblierung "Microsoft.VC90.MFC" konnte nicht gefunden werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer installiert. Error - 29.11.2012 13:34:07 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly ist für Microsoft.VC90.MFC fehlgeschlagen. Referenzfehlermeldung: Die referenzierte Assemblierung ist nicht auf dem Computer installiert. . Error - 29.11.2012 13:34:07 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811 Description = Generate Activation Context ist für C:\Programme\AVG\AVG2012\avgse.dll fehlgeschlagen. Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet. . Error - 29.11.2012 13:35:17 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842784 Description = Abhängige Assemblierung "Microsoft.VC90.MFC" konnte nicht gefunden werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer installiert. Error - 29.11.2012 13:35:17 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly ist für Microsoft.VC90.MFC fehlgeschlagen. Referenzfehlermeldung: Die referenzierte Assemblierung ist nicht auf dem Computer installiert. . 
Error - 29.11.2012 13:35:17 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811 Description = Generate Activation Context ist für C:\Programme\AVG\AVG2012\avgse.dll fehlgeschlagen. Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet. . < End of report > |
30.11.2012, 07:37 | #10 |
/// Malwareteam | Virus- Windows -XP Hm, unfortunately I used the wrong text block there. Sorry about that... Step 1: adwCleaner Please download AdwCleaner to your desktop.
Step 2: New OTL log
__________________ No asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you satisfied with us? Then support the Trojaner-Board! |
03.12.2012, 08:35 | #11 |
/// Malwareteam | Virus- Windows -XP Hello, do you still need help? If I do not receive a reply from you within the next 24 hours, I will remove your thread from my subscriptions and will then no longer be notified of new replies. The disappearance of the symptoms does not mean that your system is clean yet.
03.12.2012, 11:13 | #12 |
| Virus- Windows -XP Hello, I cannot run the program. Delete starts, but I get the hourglass and nothing else happens. |
03.12.2012, 12:20 | #13 |
/// Malwareteam | Virus- Windows -XP Start the PC in safe mode and try again! Safe mode for cleanup
19.12.2012, 08:17 | #14 |
/// Malwareteam | Virus- Windows -XP No response This thread has been removed from my subscriptions, so I will not be notified of new replies. PM me if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is clean yet. Everyone else, please click here and create your own thread