| |
| |||||||
Log-Analyse und Auswertung: Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.01.2013, 18:23
| #1 |
 |  Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Hallo Leider ist mein Laptop gesperrt aufgrund eines Trojaners (die Sperre zeigte längere Zeit ein Bild an, auf welchem oben links Schweizerische Eidgenossenschaft stand, mittlerweile ist der Bildschirm nach dem Aufstarten einfach weiss). Aufgrund dieses Forums hier habe ich die Malwarebytes Anti-Malware heruntergeladen und den vollständigen Scan durchgeführt. Dieser zeigt an, dass er vier Objekte gefunden und in die Quarantäne verschoben hat. Logdatei 1: Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.01.05.08 Windows XP Service Pack 3 x86 FAT32 Internet Explorer 8.0.6001.18702 ***:: VALUED-1EA80BFA [Administrator] 06.01.2013 06:56:31 MBAM-log-2013-01-06 (08-29-51).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 361936 Laufzeit: 1 Stunde(n), 32 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKCU\SOFTWARE\fcn (Rogue.Residue) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 1 HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent) -> Daten: explorer.exe,C:\Dokumente und Einstellungen\***\Anwendungsdaten\msconfig.dat -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\0je8ts5canum3mfdh2x2p.exe (Trojan.Agent.GNI) -> Keine Aktion durchgeführt. C:\Dokumente und Einstellungen\***\Anwendungsdaten\msconfig.dat (Trojan.Agent.GNI) -> Keine Aktion durchgeführt. C:\Dokumente und Einstellungen\***\Anwendungsdaten\msconfig.ini (Trojan.Agent) -> Keine Aktion durchgeführt. (Ende) Logdatei 2: Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.01.05.08 Windows XP Service Pack 3 x86 FAT32 Internet Explorer 8.0.6001.18702 *** :: VALUED-1EA80BFA [Administrator] 06.01.2013 06:56:31 mbam-log-2013-01-06 (06-56-31).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 361936 Laufzeit: 1 Stunde(n), 32 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKCU\SOFTWARE\fcn (Rogue.Residue) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent) -> Daten: explorer.exe,C:\Dokumente und Einstellungen\***\Anwendungsdaten\msconfig.dat -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\0je8ts5canum3mfdh2x2p.exe (Trojan.Agent.GNI) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Dokumente und Einstellungen\***\Anwendungsdaten\msconfig.dat (Trojan.Agent.GNI) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Dokumente und Einstellungen\***\Anwendungsdaten\msconfig.ini (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Logdatei 3: 2012/12/01 20:12:44 +0100 VALUED-1EA80BFA *** MESSAGE Starting protection 2012/12/01 20:12:44 +0100 VALUED-1EA80BFA *** MESSAGE Protection started successfully 2012/12/01 20:12:44 +0100 VALUED-1EA80BFA *** MESSAGE Starting IP protection 2012/12/01 20:13:22 +0100 VALUED-1EA80BFA *** MESSAGE IP Protection started successfully 2012/12/01 20:15:22 +0100 VALUED-1EA80BFA *** MESSAGE Starting database refresh 2012/12/01 20:15:22 +0100 VALUED-1EA80BFA *** MESSAGE Stopping IP protection 2012/12/01 20:15:23 +0100 VALUED-1EA80BFA *** MESSAGE IP Protection stopped successfully 2012/12/01 20:15:35 +0100 VALUED-1EA80BFA *** MESSAGE Database refreshed successfully 2012/12/01 20:15:35 +0100 VALUED-1EA80BFA *** MESSAGE Starting IP protection 2012/12/01 20:16:17 +0100 VALUED-1EA80BFA *** MESSAGE IP Protection started successfully 2012/12/01 20:20:45 +0100 VALUED-1EA80BFA *** MESSAGE Executing scheduled update: Daily 2012/12/01 20:21:04 +0100 VALUED-1EA80BFA *** MESSAGE Database already up-to-date Logdatei 4: 2012/12/02 08:20:34 +0100 VALUED-1EA80BFA *** MESSAGE Starting protection 2012/12/02 08:20:34 +0100 VALUED-1EA80BFA *** MESSAGE Protection started successfully 2012/12/02 08:20:34 +0100 VALUED-1EA80BFA *** MESSAGE Starting IP protection 2012/12/02 08:21:21 +0100 VALUED-1EA80BFA *** MESSAGE IP Protection started successfully 2012/12/02 08:52:33 +0100 VALUED-1EA80BFA *** MESSAGE Starting protection 2012/12/02 08:52:34 +0100 VALUED-1EA80BFA *** MESSAGE Protection started successfully 2012/12/02 08:52:34 +0100 VALUED-1EA80BFA *** MESSAGE Starting IP protection 2012/12/02 08:54:22 +0100 VALUED-1EA80BFA *** MESSAGE IP Protection started successfully 2012/12/02 09:12:32 +0100 VALUED-1EA80BFA *** MESSAGE Starting protection 2012/12/02 09:12:32 +0100 VALUED-1EA80BFA *** MESSAGE Protection started successfully 2012/12/02 09:12:32 +0100 VALUED-1EA80BFA *** MESSAGE Starting IP protection 2012/12/02 09:14:21 +0100 VALUED-1EA80BFA *** MESSAGE IP Protection started successfully Logdatei 5: 2013/01/05 21:00:19 +0100 VALUED-1EA80BFA *** MESSAGE Protection stopped 2013/01/05 21:43:28 +0100 VALUED-1EA80BFA *** MESSAGE Starting database refresh 2013/01/05 21:48:39 +0100 VALUED-1EA80BFA *** MESSAGE Database refreshed successfully Logdatei 6: 2013/01/06 17:36:06 +0100 VALUED-1EA80BFA *** MESSAGE Protection stopped Das ist das, was ich bis jetzt gemacht habe. Was benötigt es nun zur definitiven Reinigung meines Laptops? Jedes Aufstarten bedeutet wieder, den Laptop zu überlisten, um an der Problemlösung arbeiten zu können, denn jedes Mal muss ich die Sperre erneut überwinden. Herzlichen Dank für Eure Hilfe schon jetzt. Lieben Gruss Anst66 P.S.: Den Defogger von jpshortstuff kann ich nicht downloaden, es zeigt Re-enable / disable an. Geändert von Anst66 (06.01.2013 um 18:32 Uhr) |
|
06.01.2013, 19:56
| #2 |
| /// Malware-holic   | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Hi
__________________na wenn es re enable bzw disable anzeigt, hast du ihn doch, einfach auf disable klicken. Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
06.01.2013, 20:50
| #3 |
| | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Wow, hallo Markusg, danke für die schnelle Antwort.
__________________Hier der Inhalt von OTL.Txt:OTL Logfile: Code:
ATTFilter OTL logfile created on: 06.01.2013 20:09:40 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\***\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 1022.60 Mb Total Physical Memory | 362.86 Mb Available Physical Memory | 35.48% Memory free 2.40 Gb Paging File | 0.54 Gb Available in Paging File | 22.64% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 53.19 Gb Total Space | 11.46 Gb Free Space | 21.55% Space Free | Partition Type: FAT32 Drive D: | 53.69 Gb Total Space | 53.34 Gb Free Space | 99.36% Space Free | Partition Type: FAT32 Computer Name: VALUED-1EA80BFA | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.01.06 20:07:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe PRC - [2012.09.12 11:17:12 | 000,445,624 | ---- | M] (Sony) -- C:\Programme\Sony\Sony PC Companion\PCCompanion.exe PRC - [2012.08.08 15:00:24 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 19:10:42 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2012.05.08 19:10:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.08 19:10:42 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.08 19:10:42 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.04.30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe PRC - [2012.01.04 20:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe PRC - [2011.01.24 16:06:38 | 004,460,896 | ---- | M] () -- C:\Programme\TeamDrive2.0\bin\mysql\bin\TeamDrive2Database.exe PRC - [2008.04.14 04:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.03.02 16:48:00 | 000,098,304 | ---- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe PRC - [2006.11.03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MsMpEng.exe PRC - [2006.09.08 11:49:56 | 000,245,760 | ---- | M] () -- C:\WINDOWS\BUtilityBar\BisonBar.exe PRC - [2006.09.05 19:25:58 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\RtkBtMnt.exe PRC - [2006.08.08 14:15:14 | 000,634,880 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe PRC - [2006.07.18 11:37:30 | 000,438,272 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2006.06.28 17:01:32 | 000,520,192 | ---- | M] () -- C:\Acer\Empowering Technology\eLock\LockServ.exe PRC - [2006.06.28 12:24:30 | 000,348,160 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe PRC - [2006.06.13 16:23:50 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe PRC - [2006.06.07 20:18:12 | 000,208,896 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePresentation\ePresentation.exe PRC - [2006.06.01 14:40:54 | 000,413,696 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe PRC - [2006.05.18 16:52:06 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe PRC - [2006.05.11 15:22:48 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe PRC - [2006.03.17 15:00:50 | 000,345,088 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe PRC - [2005.09.13 09:57:58 | 000,401,408 | ---- | M] (Motive Communications, Inc.) -- C:\Programme\Bluewin\Quick Help\SmartBridge\QuickHelpAlert.exe PRC - [2005.05.27 11:24:52 | 000,310,272 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe PRC - [2004.09.05 17:20:18 | 000,380,928 | ---- | M] (Tracker Software Products Ltd.) -- C:\Programme\Mindjet\MindManager 7\PDF-XChange\pdfSaver\pdfSaver3.exe PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE ========== Modules (No Company Name) ========== MOD - [2012.11.16 14:38:50 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2007dbef\mscorlib.dll MOD - [2012.11.16 14:38:46 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_e8a1a867\system.drawing.dll MOD - [2012.11.16 14:38:38 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_236b87fa\system.xml.dll MOD - [2012.11.16 14:38:32 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_fec84b6f\system.windows.forms.dll MOD - [2012.11.16 14:38:18 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_41d29522\system.dll MOD - [2012.11.16 14:38:06 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll MOD - [2012.11.16 14:38:04 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll MOD - [2012.11.07 16:25:36 | 000,204,288 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\MExplorer.dll MOD - [2012.06.14 19:15:42 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll MOD - [2012.05.08 19:10:42 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2012.04.30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe MOD - [2012.04.30 10:57:42 | 000,039,936 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\TMonitorAPI.dll MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\Report.dll MOD - [2011.02.04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll MOD - [2011.01.24 16:06:38 | 004,460,896 | ---- | M] () -- C:\Programme\TeamDrive2.0\bin\mysql\bin\TeamDrive2Database.exe MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2006.09.08 11:49:56 | 000,245,760 | ---- | M] () -- C:\WINDOWS\BUtilityBar\BisonBar.exe MOD - [2006.09.05 19:36:30 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll MOD - [2006.09.05 19:36:30 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll MOD - [2006.09.05 19:36:30 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll MOD - [2006.09.05 19:36:30 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll MOD - [2006.09.05 19:35:54 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2006.09.05 19:35:54 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\system.serviceprocess.resources\1.0.5000.0_de_b03f5f7f11d50a3a\system.serviceprocess.resources.dll MOD - [2006.07.20 20:58:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2006.07.18 11:37:30 | 000,438,272 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe MOD - [2006.06.28 17:01:32 | 000,520,192 | ---- | M] () -- C:\Acer\Empowering Technology\eLock\LockServ.exe MOD - [2006.06.02 14:08:58 | 000,188,416 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\CPUID.dll MOD - [2006.05.19 16:09:40 | 000,352,256 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\it41.dll MOD - [2006.03.16 12:03:24 | 000,032,768 | ---- | M] () -- c:\Acer\Empowering Technology\eDataSecurity\eDSCS2CClassLib.dll MOD - [2006.01.12 09:33:34 | 000,212,992 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\imagefile.dll MOD - [2005.10.20 17:20:24 | 000,208,896 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\DialogDLL.dll MOD - [2005.10.11 13:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll MOD - [2004.09.05 17:20:38 | 000,008,192 | ---- | M] () -- C:\Programme\Mindjet\MindManager 7\PDF-XChange\pdfSaver\fm30xmf.dll MOD - [2003.06.07 13:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler) SRV - [2012.05.08 19:10:42 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.05.08 19:10:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.08 19:10:42 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MsMpEng.exe -- (WinDefend) SRV - [2006.06.28 17:01:32 | 000,520,192 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eLock\LockServ.exe -- (LockServ) SRV - [2006.05.18 16:52:06 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2006.05.11 15:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService) SRV - [2005.11.14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.05.08 19:10:42 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2012.05.08 19:10:42 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.09.16 16:09:18 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2010.07.18 18:48:50 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2010.06.17 14:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2006.09.18 14:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm) DRV - [2006.09.18 14:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl) DRV - [2006.07.24 02:15:04 | 004,353,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) DRV - [2006.06.30 10:40:40 | 000,775,936 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D) DRV - [2006.06.08 17:54:24 | 000,017,664 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2BurnerLockDriver.sys -- (eLock2BurnerLockDriver) DRV - [2006.06.06 18:36:30 | 000,090,112 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver) DRV - [2006.06.02 13:59:54 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport) DRV - [2006.06.02 13:59:52 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport) DRV - [2006.06.02 13:59:50 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15) DRV - [2006.05.17 18:32:38 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2006.05.15 15:35:56 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) DRV - [2006.05.15 15:35:48 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex) DRV - [2006.05.15 15:35:48 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) DRV - [2006.05.15 15:35:46 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) DRV - [2006.05.15 15:35:36 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) DRV - [2006.05.10 11:27:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006.03.07 05:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2006.03.04 06:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006.03.04 06:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006.01.13 01:20:54 | 000,008,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EPINDD.SYS -- (epindd) DRV - [2005.10.24 10:20:52 | 000,218,496 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005.10.18 16:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005.10.18 16:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005.04.18 00:30:04 | 000,052,864 | R--- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CnxTrUsb.sys -- (CnxTrUsb) DRV - [2005.04.18 00:30:04 | 000,025,984 | R--- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CnxTrLan.sys -- (CnxTrLan) DRV - [2005.02.11 11:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2005.02.11 11:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2005.02.11 11:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2005.02.11 11:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2005.02.11 11:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys) DRV - [2005.01.10 15:47:14 | 000,449,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = Der Such-Assistent von Internet Explorer 6 wird nicht länger unterstützt. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=25f25fb80000000000000016d34c05c9&tlver=1.4.19.19&ss=1&affID=17395 IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Der Such-Assistent von Internet Explorer 6 wird nicht länger unterstützt. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Web News online - Aktuelles - Swisscom - Aktuelle Nachrichten - Neuigkeiten IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWin2.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588 IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=25f25fb80000000000000016d34c05c9&tlver=1.4.19.19&ss=1&affID=17395 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RNWN_de IE - HKCU\..\SearchScopes\{971D4787-F144-4B85-8EBF-FD4F552C8B37}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2449730 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = : ========== FireFox ========== FF - prefs.js..network.proxy.ftp: ":" FF - prefs.js..network.proxy.gopher: ":" FF - prefs.js..network.proxy.http: ":" FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1,*.local" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: ":" FF - prefs.js..network.proxy.ssl: ":" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.04.20 11:40:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.03.20 18:21:56 | 000,000,000 | ---D | M] [2009.12.27 14:41:22 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2009.12.27 14:41:22 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\2ojbui5r.default\extensions [2009.12.27 14:42:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\2ojbui5r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.07.17 17:22:36 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\2ojbui5r.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011.03.20 10:37:28 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\2ojbui5r.default\extensions\ffxtlbr@babylon.com [2011.03.20 19:26:44 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\2ojbui5r.default\extensions\finder@meingutscheincode.de [2009.12.27 14:42:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\2ojbui5r.default\extensions\staged-xpis [2009.03.18 14:40:42 | 000,019,153 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\2ojbui5r.default\extensions\staged-xpis\{20a82645-c095-46ed-80e3-08825760534b}\MicrosoftDotNetFrameworkAssistant.xpi File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\IPSFFPLGN [2009.03.28 17:26:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011.03.20 18:41:24 | 000,002,428 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml O1 HOSTS File: ([2004.08.10 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {2753BFB5-0566-8974-7D82-C0E9EE58F94C} - No CLSID value found. O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWin2.dll (Conduit Ltd.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (DeskbarBHO) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Programme\myTouch\dbuA\deskbar.dll (Deskbar) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWin2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST) O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Programme\Winload\prxtbWin2.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [BisonBar] C:\WINDOWS\BUtilityBar\BisonBar.exe () O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe () O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST) O4 - HKLM..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe ( ) O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe () O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.) O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Motive SmartBridge] C:\Programme\Bluewin\Quick Help\SmartBridge\QuickHelpAlert.exe (Motive Communications, Inc.) O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () O4 - HKLM..\Run: [ntiMUI] C:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe () O4 - HKLM..\Run: [pdfSaver3] File not found O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [preload] C:\WINDOWS\RUNXMLPL.EXE (Wistron) O4 - HKLM..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl05a\BrStDvPt.exe (Brother Industories, Ltd.) O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" File not found O4 - HKLM..\Run: [TkBellExe] C:\Programme\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [ocgai] "c:\dokumente und einstellungen\***\lokale einstellungen\anwendungsdaten\ocgai.exe" ocgai File not found O4 - HKCU..\Run: [pdfSaver3] C:\Programme\Mindjet\MindManager 7\PDF-XChange\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.) O4 - HKCU..\Run: [Sony PC Companion] C:\Programme\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKCU..\Run: [UniblueRegistryBooster] "C:\Programme\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Quick Help.lnk = C:\Programme\Bluewin\Quick Help\bin\matcli.exe (Motive Communications, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\TeamDrive2.lnk = C:\Programme\TeamDrive2.0\bin\TeamDrive2.exe (TeamDrive Systems GmbH) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_24.dll (Sun Microsystems, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178567884250 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4481175C-9BF8-4C02-8684-B2BFEC64DD59}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - C:\WINDOWS\Downloaded Program Files\mimectl.dll () O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digeste.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{88a4f128-b797-11e1-8a42-0016d34c05c9}\Shell - "" = AutoRun O33 - MountPoints2\{88a4f128-b797-11e1-8a42-0016d34c05c9}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{88a4f128-b797-11e1-8a42-0016d34c05c9}\Shell\AutoRun\command - "" = F:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.01.06 20:08:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe [30 C:\Dokumente und Einstellungen\***\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.06 20:18:02 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2013.01.06 20:07:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe [2013.01.06 20:06:08 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\***\defogger_reenable [2013.01.06 19:56:02 | 000,001,106 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.01.06 18:56:02 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.01.06 17:52:52 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1616273580-3617419342-554980115-1005.job [2013.01.06 17:52:52 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1616273580-3617419342-554980115-1005.job [2013.01.06 17:50:14 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Word 2003.lnk [2013.01.06 08:42:14 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2013.01.06 08:41:42 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.01.06 08:39:30 | 000,000,097 | ---- | M] () -- C:\WINDOWS\ComponentList.xml [2013.01.06 08:39:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-***-Startup.job [2013.01.06 08:38:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.01.06 08:38:36 | 1072,345,088 | -HS- | M] () -- C:\hiberfil.sys [2013.01.06 03:25:58 | 000,216,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.01.06 03:07:46 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013.01.05 21:04:28 | 000,000,664 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.05 20:57:42 | 000,000,080 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\mbam.context.scan [2013.01.05 20:00:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Registry Winner Schedule.job [2013.01.05 18:37:44 | 000,464,866 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.01.05 18:37:44 | 000,446,218 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.01.05 18:37:44 | 000,073,424 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.01.05 18:37:42 | 000,087,080 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.01.05 17:49:18 | 000,001,611 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Sony PC Companion 2.1.lnk [2012.12.16 13:24:00 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll [2012.12.16 13:24:00 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [30 C:\Dokumente und Einstellungen\***\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.06 20:06:06 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\defogger_reenable [2013.01.05 20:57:40 | 000,000,080 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\mbam.context.scan [2013.01.05 17:49:16 | 000,001,611 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Sony PC Companion 2.1.lnk [2012.11.28 22:17:46 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.02.16 16:38:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.02.21 20:40:26 | 000,000,895 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.recently-used.xbel [2011.01.19 06:46:19 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011.01.19 06:41:16 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2009.05.09 14:53:52 | 000,145,756 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ocgai_nav.dat [2009.05.09 14:53:52 | 000,003,407 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ocgai.dat [2009.05.09 14:53:52 | 000,000,365 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ocgai_navps.dat [2008.11.16 10:29:22 | 000,004,131 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xqkcebzs.dik [2008.01.25 18:09:51 | 000,027,648 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.02.06 21:05:08 | 000,000,251 | ---- | C] () -- C:\Programme\wt3d.ini [2007.01.18 15:50:27 | 000,000,147 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat ========== ZeroAccess Check ========== [2005.04.15 16:53:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:26 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Und hier der Inhalt von Extras.Txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 06.01.2013 20:09:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
1022.60 Mb Total Physical Memory | 362.86 Mb Available Physical Memory | 35.48% Memory free
2.40 Gb Paging File | 0.54 Gb Available in Paging File | 22.64% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 53.19 Gb Total Space | 11.46 Gb Free Space | 21.55% Space Free | Partition Type: FAT32
Drive D: | 53.69 Gb Total Space | 53.34 Gb Free Space | 99.36% Space Free | Partition Type: FAT32
Computer Name: VALUED-1EA80BFA | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Sony Ericsson\Update Service\Update Service.exe" = C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.1.2903
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam
"{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{6A28AB0B-22B1-494C-AF61-B386EA1736C0}" = LightScribe 1.4.97.1
"{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}" = Microsoft Outlook Web Access S/MIME
"{6EEE36E8-2FD8-5461-930C-A40374B023E4}" = Search Assistant Addestination
"{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{86839B00-48BC-436D-978C-6EC44FF887A2}" = TeamDrive
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90530407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Standard 2003
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA396ABC-98AF-4F4A-B0F8-EB160DFF344B}" = Acer OrbiCam Utility Bar
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B06B842F-2450-494F-BBDE-217CDC151A37}" = NTI Backup NOW! 4.5
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}" = Acer Screensaver
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}" = FaceFilter Studio Brother Edition
"1F811665-E818-4956-9173-35CD47C9DCE0" = Otto
"7A1E1C4F-CC6F-4BF0-BB81-7CFC3F655564" = GemMaster Mystic
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS DVDMenu Editor_is1" = AVS DVDMenu Editor 1.2.1.20
"BLUEWIN.MCCInstall" = Quick Help
"CFF5FD902CAD8828AC62E155C542E69D5439C37A" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10250093" = HDAUDIO Soft Data Fax Modem with SmartCP
"cont_addestination" = Contextual Tool Addestination
"DBTB00001.DBTB00001Deskbar" = myTouch
"f4" = f4 3.1.0
"FreePDF_XP" = FreePDF XP (Remove only)
"GNU Ghostscript 7.05" = GNU Ghostscript 7.05
"GNU Ghostscript Fonts" = GNU Ghostscript Fonts
"GridVista" = Acer GridVista
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ifolor-Designer" = ifolor Designer
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.3077
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Netopia 3300 Series USB Network" = Netopia 3300 Series USB Network Adapter
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NP_OW_2011" = ObwaldenTax 2011 11.3.12
"NVIDIA Drivers" = NVIDIA Drivers
"ocgai" = Favorit
"PDF-XChange 3_is1" = PDF-XChange 3.0
"RealPlayer 12.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Update Service" = Update Service
"Usenet.to_is1" = Usenet.to
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winload Toolbar" = Winload Toolbar
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.01.2013 16:47:15 | Computer Name = VALUED-1EA80BFA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00040014.
Error - 05.01.2013 16:47:27 | Computer Name = VALUED-1EA80BFA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00040005.
Error - 05.01.2013 16:47:45 | Computer Name = VALUED-1EA80BFA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00040005.
Error - 05.01.2013 16:47:53 | Computer Name = VALUED-1EA80BFA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 05.01.2013 20:50:16 | Computer Name = VALUED-1EA80BFA | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.
Error - 05.01.2013 22:26:20 | Computer Name = VALUED-1EA80BFA | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 06.01.2013 01:06:32 | Computer Name = VALUED-1EA80BFA | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 06.01.2013 01:06:47 | Computer Name = VALUED-1EA80BFA | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 06.01.2013 03:39:12 | Computer Name = VALUED-1EA80BFA | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 06.01.2013 03:42:42 | Computer Name = VALUED-1EA80BFA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teamdrive2.exe, Version 2.3.140.0, fehlgeschlagenes
Modul qtcore4.dll, Version 4.5.2.0, Fehleradresse 0x0000fc78.
[ System Events ]
Error - 05.01.2013 16:29:10 | Computer Name = VALUED-1EA80BFA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatisches LiveUpdate - Scheduler" wurde aufgrund folgenden
Fehlers nicht gestartet: %%3
Error - 05.01.2013 16:29:24 | Computer Name = VALUED-1EA80BFA | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd
Error - 05.01.2013 16:30:39 | Computer Name = VALUED-1EA80BFA | Source = DCOM | ID = 10010
Description = Der Server "{49BD2028-1523-11D1-AD79-00C04FD8FDFF}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 05.01.2013 22:27:31 | Computer Name = VALUED-1EA80BFA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatisches LiveUpdate - Scheduler" wurde aufgrund folgenden
Fehlers nicht gestartet: %%3
Error - 05.01.2013 22:28:00 | Computer Name = VALUED-1EA80BFA | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd
Error - 06.01.2013 01:07:52 | Computer Name = VALUED-1EA80BFA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatisches LiveUpdate - Scheduler" wurde aufgrund folgenden
Fehlers nicht gestartet: %%3
Error - 06.01.2013 01:08:15 | Computer Name = VALUED-1EA80BFA | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd
Error - 06.01.2013 03:38:52 | Computer Name = VALUED-1EA80BFA | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume2" ist im
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
wurde angehalten.
Error - 06.01.2013 03:40:07 | Computer Name = VALUED-1EA80BFA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatisches LiveUpdate - Scheduler" wurde aufgrund folgenden
Fehlers nicht gestartet: %%3
Error - 06.01.2013 03:41:33 | Computer Name = VALUED-1EA80BFA | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
Lbd
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde
< End of report >
Herzlichen Dank. Gruss Anst |
|
07.01.2013, 16:01
| #4 |
| /// Malware-holic | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Hi download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
07.01.2013, 17:52
| #5 |
| |  Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Hallo Nun habe ich den tdss killer herunter geladen und gestartet und anschliessend alle Funde auf skip gesetzt. Wie krieg' ich die Ergebnisse nun hier ins Forum? Ich kann die Ergebnisse nicht kopieren, da der Klick mit der rechten Maustaste immer nur das ganze Fenster bewegt. Sorry, dass ich mich so dämlich anstelle. Gruss Anst |
|
07.01.2013, 20:35
| #6 |
| /// Malware-holic | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) hi, C:\tdsskiller-datum-version.txt öffnen und Inhalt bitte posten
__________________ --> Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) |
|
07.01.2013, 20:48
| #7 |
| | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) So blöd, jetzt habe ich den tdsskiller auf dem Desktop geschlossen und im Laufwerk C finde ich nichts. Jetzt ist der Report und alles andere weg.  |
|
07.01.2013, 20:48
| #8 |
| /// Malware-holic | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Das log wird automatisch gespeichert, wenn nicht führe ihn noch mal aus. das log liegt direkt auf c: tdsskiller-datum-version.txt
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
07.01.2013, 20:58
| #9 |
| | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Danke, nun habe ich beide LogFile gefunden. Hier der von gerade eben: 20:44:36.0703 2308 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 20:44:36.0796 2308 ============================================================ 20:44:36.0796 2308 Current date / time: 2013/01/07 20:44:36.0796 20:44:36.0796 2308 SystemInfo: 20:44:36.0796 2308 20:44:36.0796 2308 OS Version: 5.1.2600 ServicePack: 3.0 20:44:36.0796 2308 Product type: Workstation 20:44:36.0796 2308 ComputerName: VALUED-1EA80BFA 20:44:36.0796 2308 UserName: *** 20:44:36.0796 2308 Windows directory: C:\WINDOWS 20:44:36.0796 2308 System windows directory: C:\WINDOWS 20:44:36.0796 2308 Processor architecture: Intel x86 20:44:36.0796 2308 Number of processors: 2 20:44:36.0796 2308 Page size: 0x1000 20:44:36.0796 2308 Boot type: Normal boot 20:44:36.0796 2308 ============================================================ 20:44:38.0203 2308 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 20:44:38.0203 2308 ============================================================ 20:44:38.0203 2308 \Device\Harddisk0\DR0: 20:44:38.0203 2308 MBR partitions: 20:44:38.0203 2308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x9C64FE, BlocksNum 0x6A671E1 20:44:38.0203 2308 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x742D6DF, BlocksNum 0x6B660E2 20:44:38.0203 2308 ============================================================ 20:44:38.0234 2308 C: <-> \Device\Harddisk0\DR0\Partition1 20:44:38.0250 2308 D: <-> \Device\Harddisk0\DR0\Partition2 20:44:38.0250 2308 ============================================================ 20:44:38.0250 2308 Initialize success 20:44:38.0250 2308 ============================================================ 20:44:45.0312 0464 ============================================================ 20:44:45.0312 0464 Scan started 20:44:45.0312 0464 Mode: Manual; 20:44:45.0312 0464 ============================================================ 20:44:45.0953 0464 ================ Scan system memory ======================== 20:44:49.0156 0464 System memory - ok 20:44:49.0156 0464 ================ Scan services ============================= 20:44:49.0250 0464 Abiosdsk - ok 20:44:49.0281 0464 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 20:44:49.0281 0464 abp480n5 - ok 20:44:49.0281 0464 AcerMemUsageCheckService - ok 20:44:49.0312 0464 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 20:44:49.0312 0464 ACPI - ok 20:44:49.0343 0464 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 20:44:49.0343 0464 ACPIEC - ok 20:44:49.0359 0464 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys 20:44:49.0359 0464 adpu160m - ok 20:44:49.0421 0464 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 20:44:49.0453 0464 aec - ok 20:44:49.0484 0464 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 20:44:49.0546 0464 AFD - ok 20:44:49.0562 0464 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys 20:44:49.0562 0464 agp440 - ok 20:44:49.0578 0464 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 20:44:49.0578 0464 agpCPQ - ok 20:44:49.0593 0464 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys 20:44:49.0593 0464 Aha154x - ok 20:44:49.0593 0464 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys 20:44:49.0609 0464 aic78u2 - ok 20:44:49.0609 0464 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys 20:44:49.0625 0464 aic78xx - ok 20:44:49.0671 0464 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 20:44:49.0687 0464 Alerter - ok 20:44:49.0734 0464 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 20:44:49.0750 0464 ALG - ok 20:44:49.0765 0464 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys 20:44:49.0765 0464 AliIde - ok 20:44:49.0781 0464 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys 20:44:49.0781 0464 alim1541 - ok 20:44:49.0796 0464 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys 20:44:49.0796 0464 amdagp - ok 20:44:49.0812 0464 [ A96CC1761E4E6E997F3CA0021226C431 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 20:44:49.0828 0464 AmdK8 - ok 20:44:49.0843 0464 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys 20:44:49.0843 0464 amsint - ok 20:44:49.0921 0464 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe 20:44:49.0921 0464 AntiVirSchedulerService - ok 20:44:49.0968 0464 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe 20:44:49.0968 0464 AntiVirService - ok 20:44:50.0031 0464 [ E38BA9FAB3981A2115C53260B930FD3C ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE 20:44:50.0046 0464 AntiVirWebService - ok 20:44:50.0093 0464 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 20:44:50.0140 0464 AppMgmt - ok 20:44:50.0218 0464 [ 67F7D2C3A9265EE0534E36FE952F2AC4 ] AR5211 C:\WINDOWS\system32\DRIVERS\ar5211.sys 20:44:50.0218 0464 AR5211 - ok 20:44:50.0265 0464 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 20:44:50.0296 0464 Arp1394 - ok 20:44:50.0328 0464 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys 20:44:50.0328 0464 asc - ok 20:44:50.0343 0464 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys 20:44:50.0343 0464 asc3350p - ok 20:44:50.0359 0464 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys 20:44:50.0359 0464 asc3550 - ok 20:44:50.0468 0464 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 20:44:50.0546 0464 aspnet_state - ok 20:44:50.0546 0464 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 20:44:50.0593 0464 AsyncMac - ok 20:44:50.0609 0464 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 20:44:50.0609 0464 atapi - ok 20:44:50.0625 0464 Atdisk - ok 20:44:50.0656 0464 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 20:44:50.0656 0464 Atmarpc - ok 20:44:50.0812 0464 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 20:44:50.0812 0464 AudioSrv - ok 20:44:50.0843 0464 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 20:44:50.0843 0464 audstub - ok 20:44:50.0859 0464 Automatisches LiveUpdate - Scheduler - ok 20:44:50.0906 0464 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 20:44:50.0906 0464 avgntflt - ok 20:44:50.0921 0464 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 20:44:50.0921 0464 avipbb - ok 20:44:50.0968 0464 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 20:44:50.0968 0464 avkmgr - ok 20:44:51.0000 0464 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 20:44:51.0015 0464 Beep - ok 20:44:51.0078 0464 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 20:44:51.0078 0464 BITS - ok 20:44:51.0156 0464 [ CFD4C3352E29A8B729536648466E8DF5 ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe 20:44:51.0156 0464 Bonjour Service - ok 20:44:51.0218 0464 [ D3FACB34FFF5DB91ADB70987838F8BA7 ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe 20:44:51.0234 0464 Brother XP spl Service - ok 20:44:51.0281 0464 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 20:44:51.0281 0464 Browser - ok 20:44:51.0312 0464 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\Drivers\BrScnUsb.sys 20:44:51.0312 0464 BrScnUsb - ok 20:44:51.0375 0464 [ B2C100ADE3A01B663CAA7EB68EE80A51 ] Cam5603D C:\WINDOWS\system32\Drivers\BisonCam.sys 20:44:51.0390 0464 Cam5603D - ok 20:44:51.0421 0464 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 20:44:51.0421 0464 cbidf - ok 20:44:51.0421 0464 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 20:44:51.0421 0464 cbidf2k - ok 20:44:51.0453 0464 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 20:44:51.0468 0464 CCDECODE - ok 20:44:51.0468 0464 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 20:44:51.0468 0464 cd20xrnt - ok 20:44:51.0484 0464 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 20:44:51.0484 0464 Cdaudio - ok 20:44:51.0500 0464 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 20:44:51.0500 0464 Cdfs - ok 20:44:51.0515 0464 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 20:44:51.0515 0464 Cdrom - ok 20:44:51.0531 0464 Changer - ok 20:44:51.0625 0464 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 20:44:51.0625 0464 CiSvc - ok 20:44:51.0718 0464 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 20:44:51.0718 0464 ClipSrv - ok 20:44:51.0812 0464 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:44:51.0812 0464 clr_optimization_v2.0.50727_32 - ok 20:44:51.0859 0464 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys 20:44:51.0859 0464 CmBatt - ok 20:44:51.0859 0464 [ C687F81290303D90099B027A6474F99F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys 20:44:51.0875 0464 CmdIde - ok 20:44:51.0921 0464 [ 7071C6FCC5C452D8F1BCE78D53015154 ] CnxTrLan C:\WINDOWS\system32\DRIVERS\CnxTrLan.sys 20:44:51.0921 0464 CnxTrLan - ok 20:44:51.0984 0464 [ 60DC47FFFAE8B1987DB88F7AFD101EA3 ] CnxTrUsb C:\WINDOWS\system32\DRIVERS\CnxTrUsb.sys 20:44:51.0984 0464 CnxTrUsb - ok 20:44:52.0015 0464 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 20:44:52.0015 0464 Compbatt - ok 20:44:52.0093 0464 COMSysApp - ok 20:44:52.0125 0464 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys 20:44:52.0125 0464 Cpqarray - ok 20:44:52.0218 0464 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 20:44:52.0218 0464 CryptSvc - ok 20:44:52.0234 0464 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 20:44:52.0234 0464 dac2w2k - ok 20:44:52.0250 0464 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys 20:44:52.0250 0464 dac960nt - ok 20:44:52.0328 0464 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 20:44:52.0328 0464 DcomLaunch - ok 20:44:52.0359 0464 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 20:44:52.0359 0464 Dhcp - ok 20:44:52.0375 0464 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 20:44:52.0375 0464 Disk - ok 20:44:52.0390 0464 [ 060DB81DFB79C8244EB65D10B6C7873F ] DKbFltr C:\WINDOWS\system32\DRIVERS\DKbFltr.sys 20:44:52.0406 0464 DKbFltr - ok 20:44:52.0468 0464 dmadmin - ok 20:44:52.0562 0464 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 20:44:52.0578 0464 dmboot - ok 20:44:52.0609 0464 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 20:44:52.0625 0464 dmio - ok 20:44:52.0625 0464 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 20:44:52.0625 0464 dmload - ok 20:44:52.0703 0464 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 20:44:52.0703 0464 dmserver - ok 20:44:52.0781 0464 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 20:44:52.0781 0464 DMusic - ok 20:44:52.0890 0464 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 20:44:52.0890 0464 Dnscache - ok 20:44:53.0015 0464 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 20:44:53.0015 0464 Dot3svc - ok 20:44:53.0046 0464 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys 20:44:53.0046 0464 dpti2o - ok 20:44:53.0093 0464 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 20:44:53.0093 0464 drmkaud - ok 20:44:53.0187 0464 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 20:44:53.0187 0464 EapHost - ok 20:44:53.0265 0464 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe 20:44:53.0265 0464 ehRecvr - ok 20:44:53.0281 0464 [ E774BF24A6CB798DCE67AD1C8E917152 ] ehSched C:\WINDOWS\eHome\ehSched.exe 20:44:53.0296 0464 ehSched - ok 20:44:53.0359 0464 [ 70F3D2751BA8877EE06BECFC59BD77F1 ] eLock2BurnerLockDriver C:\WINDOWS\system32\eLock2BurnerLockDriver.sys 20:44:53.0359 0464 eLock2BurnerLockDriver - ok 20:44:53.0421 0464 [ 8A24DCB29ABC693F1D3085A69239E84B ] eLock2FSCTLDriver C:\WINDOWS\system32\eLock2FSCTLDriver.sys 20:44:53.0421 0464 eLock2FSCTLDriver - ok 20:44:53.0468 0464 [ B44EB52D68A09B7E41C709CA2F18B1C4 ] epindd C:\WINDOWS\system32\drivers\epindd.sys 20:44:53.0468 0464 epindd - ok 20:44:53.0546 0464 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 20:44:53.0546 0464 ERSvc - ok 20:44:53.0625 0464 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 20:44:53.0625 0464 Eventlog - ok 20:44:53.0703 0464 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 20:44:53.0703 0464 EventSystem - ok 20:44:53.0734 0464 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 20:44:53.0750 0464 Fastfat - ok 20:44:53.0812 0464 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 20:44:53.0812 0464 FastUserSwitchingCompatibility - ok 20:44:53.0906 0464 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe 20:44:53.0906 0464 Fax - ok 20:44:53.0921 0464 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 20:44:53.0921 0464 Fdc - ok 20:44:53.0968 0464 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 20:44:53.0968 0464 Fips - ok 20:44:53.0984 0464 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 20:44:53.0984 0464 Flpydisk - ok 20:44:54.0015 0464 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 20:44:54.0015 0464 FltMgr - ok 20:44:54.0125 0464 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 20:44:54.0125 0464 FontCache3.0.0.0 - ok 20:44:54.0156 0464 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 20:44:54.0156 0464 Fs_Rec - ok 20:44:54.0171 0464 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 20:44:54.0187 0464 Ftdisk - ok 20:44:54.0218 0464 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 20:44:54.0218 0464 Gpc - ok 20:44:54.0343 0464 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 20:44:54.0343 0464 gupdate - ok 20:44:54.0359 0464 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 20:44:54.0359 0464 gupdatem - ok 20:44:54.0468 0464 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 20:44:54.0468 0464 gusvc - ok 20:44:54.0515 0464 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 20:44:54.0515 0464 HDAudBus - ok 20:44:54.0593 0464 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 20:44:54.0593 0464 helpsvc - ok 20:44:54.0718 0464 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 20:44:54.0718 0464 HidServ - ok 20:44:54.0796 0464 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 20:44:54.0796 0464 HidUsb - ok 20:44:54.0906 0464 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 20:44:54.0921 0464 hkmsvc - ok 20:44:54.0937 0464 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys 20:44:54.0937 0464 hpn - ok 20:44:54.0984 0464 [ A902A7E76C245210EEE9EF5185158E9C ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 20:44:54.0984 0464 HSFHWAZL - ok 20:44:55.0046 0464 [ C9F4E7DA78A02623ABF78A4A34CE79B1 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 20:44:55.0062 0464 HSF_DPV - ok 20:44:55.0109 0464 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 20:44:55.0125 0464 HTTP - ok 20:44:55.0203 0464 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 20:44:55.0203 0464 HTTPFilter - ok 20:44:55.0234 0464 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys 20:44:55.0234 0464 i2omgmt - ok 20:44:55.0265 0464 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys 20:44:55.0265 0464 i2omp - ok 20:44:55.0281 0464 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 20:44:55.0281 0464 i8042prt - ok 20:44:55.0375 0464 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe 20:44:55.0375 0464 IDriverT - ok 20:44:55.0484 0464 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 20:44:55.0500 0464 idsvc - ok 20:44:55.0515 0464 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 20:44:55.0531 0464 Imapi - ok 20:44:55.0609 0464 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 20:44:55.0625 0464 ImapiService - ok 20:44:55.0671 0464 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys 20:44:55.0671 0464 ini910u - ok 20:44:55.0750 0464 [ 4D8D5B1C895EA0F2A721B98A7CE198F1 ] int15 C:\WINDOWS\system32\drivers\int15.sys 20:44:55.0750 0464 int15 - ok 20:44:55.0750 0464 int15.sys - ok 20:44:55.0984 0464 [ 12F4D2AA29745DC2A403FF42E75CF7FA ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 20:44:56.0078 0464 IntcAzAudAddService - ok 20:44:56.0171 0464 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys 20:44:56.0171 0464 IntelIde - ok 20:44:56.0203 0464 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 20:44:56.0203 0464 Ip6Fw - ok 20:44:56.0250 0464 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 20:44:56.0250 0464 IpFilterDriver - ok 20:44:56.0296 0464 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 20:44:56.0296 0464 IpInIp - ok 20:44:56.0328 0464 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 20:44:56.0343 0464 IpNat - ok 20:44:56.0359 0464 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 20:44:56.0359 0464 IPSec - ok 20:44:56.0406 0464 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 20:44:56.0406 0464 irda - ok 20:44:56.0437 0464 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 20:44:56.0437 0464 IRENUM - ok 20:44:56.0515 0464 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll 20:44:56.0515 0464 Irmon - ok 20:44:56.0546 0464 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 20:44:56.0562 0464 isapnp - ok 20:44:56.0703 0464 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe 20:44:56.0703 0464 JavaQuickStarterService - ok 20:44:56.0765 0464 [ FE8300320281D658A7854D5CFC02A63F ] k750bus C:\WINDOWS\system32\DRIVERS\k750bus.sys 20:44:56.0765 0464 k750bus - ok 20:44:56.0781 0464 [ F44521F63C0C00364FA3D59DB980DE6A ] k750mdfl C:\WINDOWS\system32\DRIVERS\k750mdfl.sys 20:44:56.0781 0464 k750mdfl - ok 20:44:56.0906 0464 [ E93323C3ED5E8923A177740A973C27B2 ] k750mdm C:\WINDOWS\system32\DRIVERS\k750mdm.sys 20:44:56.0937 0464 k750mdm - ok 20:44:57.0015 0464 [ 9D5F5A70CA0B7C428EFCD73DB50E6AC7 ] k750mgmt C:\WINDOWS\system32\DRIVERS\k750mgmt.sys 20:44:57.0015 0464 k750mgmt - ok 20:44:57.0187 0464 [ 81CA2D57B2C14F76F4BA80846784BB3D ] k750obex C:\WINDOWS\system32\DRIVERS\k750obex.sys 20:44:57.0203 0464 k750obex - ok 20:44:57.0312 0464 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 20:44:57.0312 0464 Kbdclass - ok 20:44:57.0375 0464 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 20:44:57.0375 0464 kbdhid - ok 20:44:57.0640 0464 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 20:44:57.0703 0464 kmixer - ok 20:44:57.0734 0464 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 20:44:57.0734 0464 KSecDD - ok 20:44:57.0828 0464 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 20:44:57.0828 0464 lanmanserver - ok 20:44:57.0906 0464 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 20:44:57.0937 0464 lanmanworkstation - ok 20:44:57.0953 0464 Lbd - ok 20:44:57.0953 0464 lbrtfdc - ok 20:44:58.0062 0464 [ 86E8BCAA91FC2ACFACD99CF2BF9F1F47 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe 20:44:58.0062 0464 LightScribeService - ok 20:44:58.0093 0464 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 20:44:58.0109 0464 LmHosts - ok 20:44:58.0109 0464 LockServ - ok 20:44:58.0171 0464 [ 52404CC76E9D53843BDF97564BB16BED ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe 20:44:58.0171 0464 McrdSvc - ok 20:44:58.0250 0464 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE 20:44:58.0265 0464 MDM - ok 20:44:58.0296 0464 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 20:44:58.0296 0464 mdmxsdk - ok 20:44:58.0359 0464 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 20:44:58.0359 0464 Messenger - ok 20:44:58.0437 0464 [ DED60230E3019C508769EC3C15BCDA44 ] MHN C:\WINDOWS\System32\mhn.dll 20:44:58.0437 0464 MHN - ok 20:44:58.0484 0464 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys 20:44:58.0484 0464 MHNDRV - ok 20:44:58.0515 0464 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 20:44:58.0515 0464 mnmdd - ok 20:44:58.0562 0464 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 20:44:58.0562 0464 mnmsrvc - ok 20:44:58.0609 0464 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 20:44:58.0609 0464 Modem - ok 20:44:58.0625 0464 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 20:44:58.0625 0464 Mouclass - ok 20:44:58.0671 0464 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 20:44:58.0671 0464 mouhid - ok 20:44:58.0718 0464 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 20:44:58.0718 0464 MountMgr - ok 20:44:58.0734 0464 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys 20:44:58.0734 0464 mraid35x - ok 20:44:58.0765 0464 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 20:44:58.0765 0464 MRxDAV - ok 20:44:58.0812 0464 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 20:44:58.0812 0464 MRxSmb - ok 20:44:58.0890 0464 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 20:44:58.0890 0464 MSDTC - ok 20:44:58.0906 0464 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 20:44:58.0906 0464 Msfs - ok 20:44:59.0031 0464 MSIServer - ok 20:44:59.0078 0464 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 20:44:59.0078 0464 MSKSSRV - ok 20:44:59.0093 0464 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 20:44:59.0093 0464 MSPCLOCK - ok 20:44:59.0125 0464 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 20:44:59.0125 0464 MSPQM - ok 20:44:59.0156 0464 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 20:44:59.0156 0464 mssmbios - ok 20:44:59.0187 0464 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 20:44:59.0187 0464 MSTEE - ok 20:44:59.0218 0464 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 20:44:59.0218 0464 Mup - ok 20:44:59.0250 0464 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 20:44:59.0250 0464 NABTSFEC - ok 20:44:59.0359 0464 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 20:44:59.0375 0464 napagent - ok 20:44:59.0406 0464 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 20:44:59.0406 0464 NDIS - ok 20:44:59.0437 0464 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 20:44:59.0437 0464 NdisIP - ok 20:44:59.0468 0464 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 20:44:59.0468 0464 NdisTapi - ok 20:44:59.0515 0464 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 20:44:59.0515 0464 Ndisuio - ok 20:44:59.0531 0464 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:44:59.0531 0464 NdisWan - ok 20:44:59.0562 0464 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 20:44:59.0562 0464 NDProxy - ok 20:44:59.0578 0464 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 20:44:59.0578 0464 NetBIOS - ok 20:44:59.0609 0464 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 20:44:59.0609 0464 NetBT - ok 20:44:59.0703 0464 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 20:44:59.0703 0464 NetDDE - ok 20:44:59.0718 0464 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 20:44:59.0718 0464 NetDDEdsdm - ok 20:44:59.0781 0464 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 20:44:59.0781 0464 Netlogon - ok 20:44:59.0859 0464 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 20:44:59.0859 0464 Netman - ok 20:44:59.0953 0464 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:44:59.0953 0464 NetTcpPortSharing - ok 20:44:59.0984 0464 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 20:44:59.0984 0464 NIC1394 - ok 20:45:00.0046 0464 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 20:45:00.0046 0464 Nla - ok 20:45:00.0062 0464 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 20:45:00.0062 0464 Npfs - ok 20:45:00.0093 0464 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys 20:45:00.0093 0464 NSCIRDA - ok 20:45:00.0171 0464 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 20:45:00.0171 0464 Ntfs - ok 20:45:00.0203 0464 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys 20:45:00.0218 0464 NTIDrvr - ok 20:45:00.0250 0464 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 20:45:00.0250 0464 NtLmSsp - ok 20:45:00.0390 0464 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 20:45:00.0406 0464 NtmsSvc - ok 20:45:00.0453 0464 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys 20:45:00.0453 0464 NuidFltr - ok 20:45:00.0484 0464 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 20:45:00.0484 0464 Null - ok 20:45:00.0671 0464 [ 59E5D945934EC2E7EAA22AF81813DABF ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 20:45:00.0750 0464 nv - ok 20:45:00.0843 0464 [ 22EEDB34C4D7613A25B10C347C6C4C21 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 20:45:00.0843 0464 NVENETFD - ok 20:45:00.0859 0464 [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 20:45:00.0859 0464 nvnetbus - ok 20:45:00.0875 0464 [ E0F76FAB86FEC98778047D0C7C39CBB9 ] nvsmu C:\WINDOWS\system32\DRIVERS\nvsmu.sys 20:45:00.0890 0464 nvsmu - ok 20:45:00.0968 0464 [ 6D88C26BF33D2B8404F01CECBDD47D3A ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 20:45:00.0968 0464 NVSvc - ok 20:45:01.0000 0464 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 20:45:01.0000 0464 NwlnkFlt - ok 20:45:01.0031 0464 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 20:45:01.0031 0464 NwlnkFwd - ok 20:45:01.0062 0464 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 20:45:01.0078 0464 ohci1394 - ok 20:45:01.0171 0464 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 20:45:01.0171 0464 ose - ok 20:45:01.0234 0464 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys 20:45:01.0234 0464 Parport - ok 20:45:01.0234 0464 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 20:45:01.0250 0464 PartMgr - ok 20:45:01.0265 0464 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 20:45:01.0265 0464 ParVdm - ok 20:45:01.0281 0464 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 20:45:01.0281 0464 PCI - ok 20:45:01.0296 0464 PCIDump - ok 20:45:01.0296 0464 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 20:45:01.0296 0464 PCIIde - ok 20:45:01.0328 0464 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 20:45:01.0343 0464 Pcmcia - ok 20:45:01.0343 0464 PDCOMP - ok 20:45:01.0359 0464 PDFRAME - ok 20:45:01.0375 0464 PDRELI - ok 20:45:01.0390 0464 PDRFRAME - ok 20:45:01.0406 0464 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys 20:45:01.0406 0464 perc2 - ok 20:45:01.0421 0464 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys 20:45:01.0421 0464 perc2hib - ok 20:45:01.0484 0464 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 20:45:01.0484 0464 PlugPlay - ok 20:45:01.0515 0464 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 20:45:01.0515 0464 PolicyAgent - ok 20:45:01.0562 0464 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 20:45:01.0562 0464 PptpMiniport - ok 20:45:01.0609 0464 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 20:45:01.0609 0464 Processor - ok 20:45:01.0640 0464 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 20:45:01.0640 0464 ProtectedStorage - ok 20:45:01.0656 0464 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 20:45:01.0656 0464 PSched - ok 20:45:01.0703 0464 [ 00B670D8A36C7134CFC66B446A18CC92 ] psdfilter C:\WINDOWS\system32\Drivers\psdfilter.sys 20:45:01.0718 0464 psdfilter - ok 20:45:01.0734 0464 [ E9A60343CB7C39090638B1DD574F26EB ] psdvdisk C:\WINDOWS\system32\Drivers\psdvdisk.sys 20:45:01.0734 0464 psdvdisk - ok 20:45:01.0750 0464 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 20:45:01.0750 0464 Ptilink - ok 20:45:01.0765 0464 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 20:45:01.0765 0464 PxHelp20 - ok 20:45:01.0781 0464 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys 20:45:01.0781 0464 ql1080 - ok 20:45:01.0796 0464 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 20:45:01.0796 0464 Ql10wnt - ok 20:45:01.0812 0464 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys 20:45:01.0812 0464 ql12160 - ok 20:45:01.0812 0464 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys 20:45:01.0828 0464 ql1240 - ok 20:45:01.0828 0464 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys 20:45:01.0828 0464 ql1280 - ok 20:45:01.0859 0464 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 20:45:01.0859 0464 RasAcd - ok 20:45:01.0921 0464 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 20:45:01.0921 0464 RasAuto - ok 20:45:01.0953 0464 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 20:45:01.0953 0464 Rasirda - ok 20:45:01.0953 0464 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 20:45:01.0968 0464 Rasl2tp - ok 20:45:02.0015 0464 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 20:45:02.0015 0464 RasMan - ok 20:45:02.0031 0464 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 20:45:02.0031 0464 RasPppoe - ok 20:45:02.0046 0464 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 20:45:02.0046 0464 Raspti - ok 20:45:02.0062 0464 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 20:45:02.0078 0464 Rdbss - ok 20:45:02.0078 0464 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 20:45:02.0078 0464 RDPCDD - ok 20:45:02.0109 0464 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 20:45:02.0140 0464 rdpdr - ok 20:45:02.0187 0464 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 20:45:02.0187 0464 RDPWD - ok 20:45:02.0250 0464 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 20:45:02.0265 0464 RDSessMgr - ok 20:45:02.0281 0464 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 20:45:02.0281 0464 redbook - ok 20:45:02.0390 0464 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 20:45:02.0390 0464 RemoteAccess - ok 20:45:02.0437 0464 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 20:45:02.0453 0464 RemoteRegistry - ok 20:45:02.0515 0464 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 20:45:02.0515 0464 RpcLocator - ok 20:45:02.0578 0464 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 20:45:02.0578 0464 RpcSs - ok 20:45:02.0640 0464 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 20:45:02.0640 0464 RSVP - ok 20:45:02.0671 0464 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 20:45:02.0671 0464 rtl8139 - ok 20:45:02.0718 0464 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 20:45:02.0734 0464 SamSs - ok 20:45:02.0781 0464 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 20:45:02.0796 0464 SCardSvr - ok 20:45:02.0843 0464 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 20:45:02.0843 0464 Schedule - ok 20:45:02.0906 0464 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 20:45:02.0906 0464 sdbus - ok 20:45:02.0953 0464 [ 59A9EB4073A39895AF314780D0A032FA ] SE27bus C:\WINDOWS\system32\DRIVERS\SE27bus.sys 20:45:02.0953 0464 SE27bus - ok 20:45:03.0062 0464 [ D53E7E53107D1796825540129F8FE89F ] SE27mdfl C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys 20:45:03.0062 0464 SE27mdfl - ok 20:45:03.0078 0464 [ 2AFA2F65A6E91DA5B5070E734769827E ] SE27mdm C:\WINDOWS\system32\DRIVERS\SE27mdm.sys 20:45:03.0093 0464 SE27mdm - ok 20:45:03.0140 0464 [ 5A33A8D7B44C7BD8ABE248B4DCD1FF3C ] SE27mgmt C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys 20:45:03.0140 0464 SE27mgmt - ok 20:45:03.0187 0464 [ BB30139683BBF3EE89EC931393D9335C ] se27nd5 C:\WINDOWS\system32\DRIVERS\se27nd5.sys 20:45:03.0187 0464 se27nd5 - ok 20:45:03.0250 0464 [ 5DA6FF71E94B9134DDD094EBB09F05E6 ] SE27obex C:\WINDOWS\system32\DRIVERS\SE27obex.sys 20:45:03.0250 0464 SE27obex - ok 20:45:03.0281 0464 [ 4D54A9D7C22157AB3D2442E8BCF5ECD2 ] se27unic C:\WINDOWS\system32\DRIVERS\se27unic.sys 20:45:03.0281 0464 se27unic - ok 20:45:03.0343 0464 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 20:45:03.0343 0464 Secdrv - ok 20:45:03.0421 0464 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 20:45:03.0421 0464 seclogon - ok 20:45:03.0453 0464 [ E5B56569A9F79B70314FEDE6C953641E ] seehcri C:\WINDOWS\system32\DRIVERS\seehcri.sys 20:45:03.0453 0464 seehcri - ok 20:45:03.0531 0464 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 20:45:03.0531 0464 SENS - ok 20:45:03.0578 0464 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 20:45:03.0578 0464 Serial - ok 20:45:03.0640 0464 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 20:45:03.0640 0464 Sfloppy - ok 20:45:03.0734 0464 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 20:45:03.0750 0464 SharedAccess - ok 20:45:03.0828 0464 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 20:45:03.0828 0464 ShellHWDetection - ok 20:45:03.0843 0464 Simbad - ok 20:45:03.0875 0464 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 20:45:03.0875 0464 sisagp - ok 20:45:03.0890 0464 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 20:45:03.0890 0464 SLIP - ok 20:45:04.0031 0464 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Programme\Sony\Sony PC Companion\PCCService.exe 20:45:04.0031 0464 Sony PC Companion - ok 20:45:04.0046 0464 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys 20:45:04.0046 0464 Sparrow - ok 20:45:04.0078 0464 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 20:45:04.0078 0464 splitter - ok 20:45:04.0109 0464 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 20:45:04.0109 0464 Spooler - ok 20:45:04.0125 0464 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 20:45:04.0125 0464 sr - ok 20:45:04.0187 0464 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 20:45:04.0203 0464 srservice - ok 20:45:04.0250 0464 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 20:45:04.0250 0464 Srv - ok 20:45:04.0312 0464 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 20:45:04.0312 0464 SSDPSRV - ok 20:45:04.0343 0464 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 20:45:04.0343 0464 ssmdrv - ok 20:45:04.0390 0464 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 20:45:04.0390 0464 stisvc - ok 20:45:04.0421 0464 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 20:45:04.0421 0464 streamip - ok 20:45:04.0437 0464 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 20:45:04.0453 0464 swenum - ok 20:45:04.0468 0464 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 20:45:04.0484 0464 swmidi - ok 20:45:04.0593 0464 SwPrv - ok 20:45:04.0625 0464 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys 20:45:04.0640 0464 symc810 - ok 20:45:04.0640 0464 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys 20:45:04.0656 0464 symc8xx - ok 20:45:04.0656 0464 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys 20:45:04.0656 0464 sym_hi - ok 20:45:04.0671 0464 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys 20:45:04.0671 0464 sym_u3 - ok 20:45:04.0734 0464 [ 69BF2DD9B1099D1AA3E7CF14B4B842CD ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 20:45:04.0734 0464 SynTP - ok 20:45:04.0765 0464 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 20:45:04.0765 0464 sysaudio - ok 20:45:04.0843 0464 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 20:45:04.0843 0464 SysmonLog - ok 20:45:04.0921 0464 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 20:45:04.0921 0464 TapiSrv - ok 20:45:04.0968 0464 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 20:45:04.0984 0464 Tcpip - ok 20:45:05.0000 0464 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 20:45:05.0000 0464 TDPIPE - ok 20:45:05.0015 0464 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 20:45:05.0015 0464 TDTCP - ok 20:45:05.0046 0464 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 20:45:05.0046 0464 TermDD - ok 20:45:05.0125 0464 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 20:45:05.0125 0464 TermService - ok 20:45:05.0203 0464 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 20:45:05.0203 0464 Themes - ok 20:45:05.0250 0464 [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys 20:45:05.0250 0464 tifm21 - ok 20:45:05.0312 0464 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 20:45:05.0312 0464 TlntSvr - ok 20:45:05.0328 0464 [ D213A9247DC347F305A2D4CC9B951487 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys 20:45:05.0328 0464 TosIde - ok 20:45:05.0406 0464 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 20:45:05.0406 0464 TrkWks - ok 20:45:05.0437 0464 [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] tvicport C:\WINDOWS\system32\drivers\tvicport.sys 20:45:05.0437 0464 tvicport - ok 20:45:05.0453 0464 [ E0C67BE430C6DE490D6CCAECFA071F9E ] UBHelper C:\WINDOWS\system32\drivers\UBHelper.sys 20:45:05.0453 0464 UBHelper - ok 20:45:05.0468 0464 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 20:45:05.0468 0464 Udfs - ok 20:45:05.0484 0464 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys 20:45:05.0484 0464 ultra - ok 20:45:05.0531 0464 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 20:45:05.0531 0464 Update - ok 20:45:05.0609 0464 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 20:45:05.0609 0464 upnphost - ok 20:45:05.0671 0464 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 20:45:05.0671 0464 UPS - ok 20:45:05.0718 0464 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 20:45:05.0718 0464 usbccgp - ok 20:45:05.0750 0464 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 20:45:05.0750 0464 usbehci - ok 20:45:05.0765 0464 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 20:45:05.0765 0464 usbhub - ok 20:45:05.0781 0464 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 20:45:05.0781 0464 usbohci - ok 20:45:05.0812 0464 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 20:45:05.0812 0464 usbprint - ok 20:45:05.0828 0464 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 20:45:05.0828 0464 USBSTOR - ok 20:45:05.0843 0464 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 20:45:05.0843 0464 VgaSave - ok 20:45:05.0859 0464 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys 20:45:05.0859 0464 viaagp - ok 20:45:05.0875 0464 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 20:45:05.0875 0464 ViaIde - ok 20:45:05.0890 0464 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 20:45:05.0890 0464 VolSnap - ok 20:45:05.0984 0464 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 20:45:05.0984 0464 VSS - ok 20:45:06.0046 0464 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 20:45:06.0062 0464 W32Time - ok 20:45:06.0093 0464 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 20:45:06.0093 0464 Wanarp - ok 20:45:06.0171 0464 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 20:45:06.0171 0464 Wdf01000 - ok 20:45:06.0187 0464 WDICA - ok 20:45:06.0234 0464 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 20:45:06.0234 0464 wdmaud - ok 20:45:06.0312 0464 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 20:45:06.0312 0464 WebClient - ok 20:45:06.0375 0464 [ C1D5CBD8AA0D674DA1BA1BB189696396 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 20:45:06.0390 0464 winachsf - ok 20:45:06.0468 0464 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Programme\Windows Defender\MsMpEng.exe 20:45:06.0468 0464 WinDefend - ok 20:45:06.0531 0464 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 20:45:06.0531 0464 winmgmt - ok 20:45:06.0656 0464 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 20:45:06.0656 0464 WmdmPmSN - ok 20:45:06.0718 0464 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 20:45:06.0718 0464 Wmi - ok 20:45:06.0765 0464 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 20:45:06.0765 0464 WmiAcpi - ok 20:45:06.0828 0464 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 20:45:06.0828 0464 WmiApSrv - ok 20:45:06.0937 0464 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\wmpnetwk.exe 20:45:06.0953 0464 WMPNetworkSvc - ok 20:45:07.0000 0464 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 20:45:07.0000 0464 WpdUsb - ok 20:45:07.0031 0464 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 20:45:07.0031 0464 WS2IFSL - ok 20:45:07.0109 0464 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 20:45:07.0125 0464 wscsvc - ok 20:45:07.0156 0464 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 20:45:07.0171 0464 WSTCODEC - ok 20:45:07.0265 0464 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 20:45:07.0265 0464 wuauserv - ok 20:45:07.0312 0464 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 20:45:07.0312 0464 WudfPf - ok 20:45:07.0343 0464 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 20:45:07.0343 0464 WUDFRd - ok 20:45:07.0421 0464 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 20:45:07.0421 0464 WudfSvc - ok 20:45:07.0515 0464 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 20:45:07.0531 0464 WZCSVC - ok 20:45:07.0609 0464 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 20:45:07.0609 0464 xmlprov - ok 20:45:07.0640 0464 [ 40AC8590CC9006DBB99FFCB37879D4C6 ] zntport C:\WINDOWS\system32\drivers\zntport.sys 20:45:07.0656 0464 zntport - ok 20:45:07.0671 0464 ================ Scan global =============================== 20:45:07.0843 0464 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 20:45:07.0984 0464 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 20:45:08.0109 0464 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 20:45:08.0171 0464 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 20:45:08.0171 0464 [Global] - ok 20:45:08.0171 0464 ================ Scan MBR ================================== 20:45:08.0187 0464 [ 99852D5C3A78447C3D6D82B6155FE848 ] \Device\Harddisk0\DR0 20:45:12.0328 0464 \Device\Harddisk0\DR0 - ok 20:45:12.0328 0464 ================ Scan VBR ================================== 20:45:12.0343 0464 [ 2C795C37FF1E40B720C9AFC7AC343A43 ] \Device\Harddisk0\DR0\Partition1 20:45:12.0343 0464 \Device\Harddisk0\DR0\Partition1 - ok 20:45:12.0375 0464 [ 51923B4816BD0D882C6EB9A181536A77 ] \Device\Harddisk0\DR0\Partition2 20:45:12.0375 0464 \Device\Harddisk0\DR0\Partition2 - ok 20:45:12.0375 0464 ============================================================ 20:45:12.0375 0464 Scan finished 20:45:12.0375 0464 ============================================================ 20:45:12.0390 4156 Detected object count: 0 20:45:12.0390 4156 Actual detected object count: 0 20:50:42.0140 0916 Deinitialize success Und hier das erste Log: 17:38:09.0515 2936 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 17:38:11.0656 2936 ============================================================ 17:38:11.0656 2936 Current date / time: 2013/01/07 17:38:11.0656 17:38:11.0656 2936 SystemInfo: 17:38:11.0656 2936 17:38:11.0656 2936 OS Version: 5.1.2600 ServicePack: 3.0 17:38:11.0656 2936 Product type: Workstation 17:38:11.0656 2936 ComputerName: VALUED-1EA80BFA 17:38:11.0656 2936 UserName: *** 17:38:11.0656 2936 Windows directory: C:\WINDOWS 17:38:11.0656 2936 System windows directory: C:\WINDOWS 17:38:11.0656 2936 Processor architecture: Intel x86 17:38:11.0656 2936 Number of processors: 2 17:38:11.0656 2936 Page size: 0x1000 17:38:11.0656 2936 Boot type: Normal boot 17:38:11.0656 2936 ============================================================ 17:38:23.0359 2936 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 17:38:23.0406 2936 ============================================================ 17:38:23.0406 2936 \Device\Harddisk0\DR0: 17:38:23.0406 2936 MBR partitions: 17:38:23.0406 2936 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x9C64FE, BlocksNum 0x6A671E1 17:38:23.0406 2936 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x742D6DF, BlocksNum 0x6B660E2 17:38:23.0406 2936 ============================================================ 17:38:23.0421 2936 C: <-> \Device\Harddisk0\DR0\Partition1 17:38:23.0468 2936 D: <-> \Device\Harddisk0\DR0\Partition2 17:38:23.0562 2936 ============================================================ 17:38:23.0562 2936 Initialize success 17:38:23.0562 2936 ============================================================ 17:38:58.0125 3072 ============================================================ 17:38:58.0125 3072 Scan started 17:38:58.0125 3072 Mode: Manual; SigCheck; TDLFS; 17:38:58.0125 3072 ============================================================ 17:39:06.0078 3072 ================ Scan system memory ======================== 17:39:06.0078 3072 System memory - ok 17:39:06.0093 3072 ================ Scan services ============================= 17:39:16.0578 3072 Abiosdsk - ok 17:39:19.0062 3072 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 17:39:32.0390 3072 abp480n5 - ok 17:39:32.0390 3072 AcerMemUsageCheckService - ok 17:39:32.0593 3072 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 17:39:33.0015 3072 ACPI - ok 17:39:33.0062 3072 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 17:39:33.0375 3072 ACPIEC - ok 17:39:34.0109 3072 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys 17:39:34.0625 3072 adpu160m - ok 17:39:35.0515 3072 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 17:39:35.0796 3072 aec - ok 17:39:36.0156 3072 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 17:39:36.0328 3072 AFD - ok 17:39:36.0406 3072 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys 17:39:36.0718 3072 agp440 - ok 17:39:36.0796 3072 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 17:39:37.0062 3072 agpCPQ - ok 17:39:37.0109 3072 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys 17:39:37.0203 3072 Aha154x - ok 17:39:37.0390 3072 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys 17:39:37.0593 3072 aic78u2 - ok 17:39:37.0781 3072 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys 17:39:37.0953 3072 aic78xx - ok 17:39:38.0265 3072 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 17:39:38.0531 3072 Alerter - ok 17:39:38.0734 3072 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 17:39:38.0984 3072 ALG - ok 17:39:39.0156 3072 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys 17:39:39.0437 3072 AliIde - ok 17:39:39.0718 3072 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys 17:39:39.0906 3072 alim1541 - ok 17:39:40.0015 3072 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys 17:39:40.0250 3072 amdagp - ok 17:39:43.0750 3072 [ A96CC1761E4E6E997F3CA0021226C431 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 17:39:43.0906 3072 AmdK8 - ok 17:39:44.0656 3072 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys 17:39:44.0781 3072 amsint - ok 17:39:45.0343 3072 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe 17:39:45.0375 3072 AntiVirSchedulerService - ok 17:39:45.0453 3072 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe 17:39:45.0484 3072 AntiVirService - ok 17:39:45.0562 3072 [ E38BA9FAB3981A2115C53260B930FD3C ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE 17:39:45.0609 3072 AntiVirWebService - ok 17:39:45.0640 3072 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 17:39:45.0796 3072 AppMgmt - ok 17:39:45.0906 3072 [ 67F7D2C3A9265EE0534E36FE952F2AC4 ] AR5211 C:\WINDOWS\system32\DRIVERS\ar5211.sys 17:39:45.0984 3072 AR5211 - ok 17:39:46.0046 3072 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 17:39:46.0203 3072 Arp1394 - ok 17:39:46.0234 3072 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys 17:39:46.0406 3072 asc - ok 17:39:46.0421 3072 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys 17:39:46.0531 3072 asc3350p - ok 17:39:46.0562 3072 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys 17:39:46.0750 3072 asc3550 - ok 17:39:47.0859 3072 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 17:39:47.0875 3072 aspnet_state - ok 17:39:48.0000 3072 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 17:39:48.0187 3072 AsyncMac - ok 17:39:49.0875 3072 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 17:39:53.0984 3072 atapi - ok 17:39:54.0000 3072 Atdisk - ok 17:39:54.0953 3072 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 17:39:58.0234 3072 Atmarpc - ok 17:40:00.0750 3072 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 17:40:06.0640 3072 AudioSrv - ok 17:40:06.0671 3072 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 17:40:07.0109 3072 audstub - ok 17:40:07.0125 3072 Automatisches LiveUpdate - Scheduler - ok 17:40:07.0328 3072 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 17:40:15.0578 3072 avgntflt - ok 17:40:15.0765 3072 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 17:40:15.0953 3072 avipbb - ok 17:40:16.0078 3072 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 17:40:16.0203 3072 avkmgr - ok 17:40:16.0546 3072 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 17:40:17.0390 3072 Beep - ok 17:40:21.0578 3072 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 17:40:28.0437 3072 BITS - ok 17:40:33.0609 3072 [ CFD4C3352E29A8B729536648466E8DF5 ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe 17:40:34.0515 3072 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning 17:40:34.0515 3072 Bonjour Service - detected UnsignedFile.Multi.Generic (1) 17:40:38.0093 3072 [ D3FACB34FFF5DB91ADB70987838F8BA7 ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe 17:40:38.0937 3072 Brother XP spl Service - ok 17:40:42.0234 3072 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 17:40:42.0968 3072 Browser - ok 17:40:48.0593 3072 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\Drivers\BrScnUsb.sys 17:40:50.0093 3072 BrScnUsb - ok 17:40:55.0218 3072 [ B2C100ADE3A01B663CAA7EB68EE80A51 ] Cam5603D C:\WINDOWS\system32\Drivers\BisonCam.sys 17:40:56.0281 3072 Cam5603D - ok 17:40:56.0406 3072 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 17:40:56.0937 3072 cbidf - ok 17:40:56.0953 3072 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 17:40:57.0593 3072 cbidf2k - ok 17:40:57.0984 3072 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 17:40:58.0281 3072 CCDECODE - ok 17:40:58.0328 3072 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 17:40:58.0578 3072 cd20xrnt - ok 17:40:58.0734 3072 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 17:40:59.0375 3072 Cdaudio - ok 17:40:59.0500 3072 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 17:40:59.0734 3072 Cdfs - ok 17:41:00.0046 3072 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 17:41:00.0250 3072 Cdrom - ok 17:41:00.0265 3072 Changer - ok 17:41:00.0437 3072 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 17:41:00.0796 3072 CiSvc - ok 17:41:01.0625 3072 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 17:41:03.0406 3072 ClipSrv - ok 17:41:04.0031 3072 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:41:04.0109 3072 clr_optimization_v2.0.50727_32 - ok 17:41:04.0156 3072 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys 17:41:04.0437 3072 CmBatt - ok 17:41:04.0609 3072 [ C687F81290303D90099B027A6474F99F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys 17:41:04.0968 3072 CmdIde - ok 17:41:06.0531 3072 [ 7071C6FCC5C452D8F1BCE78D53015154 ] CnxTrLan C:\WINDOWS\system32\DRIVERS\CnxTrLan.sys 17:41:06.0796 3072 CnxTrLan - ok 17:41:07.0171 3072 [ 60DC47FFFAE8B1987DB88F7AFD101EA3 ] CnxTrUsb C:\WINDOWS\system32\DRIVERS\CnxTrUsb.sys 17:41:07.0296 3072 CnxTrUsb - ok 17:41:07.0421 3072 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 17:41:08.0281 3072 Compbatt - ok 17:41:08.0921 3072 COMSysApp - ok 17:41:10.0156 3072 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys 17:41:10.0718 3072 Cpqarray - ok 17:41:12.0046 3072 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 17:41:13.0125 3072 CryptSvc - ok 17:41:14.0171 3072 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 17:41:16.0359 3072 dac2w2k - ok 17:41:16.0765 3072 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys 17:41:17.0343 3072 dac960nt - ok 17:41:21.0671 3072 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 17:41:22.0812 3072 DcomLaunch - ok 17:41:22.0984 3072 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 17:41:23.0234 3072 Dhcp - ok 17:41:23.0312 3072 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 17:41:23.0781 3072 Disk - ok 17:41:24.0453 3072 [ 060DB81DFB79C8244EB65D10B6C7873F ] DKbFltr C:\WINDOWS\system32\DRIVERS\DKbFltr.sys 17:41:24.0687 3072 DKbFltr - ok 17:41:24.0750 3072 dmadmin - ok 17:41:28.0484 3072 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 17:41:29.0281 3072 dmboot - ok 17:41:29.0375 3072 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 17:41:29.0593 3072 dmio - ok 17:41:29.0593 3072 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 17:41:29.0796 3072 dmload - ok 17:41:29.0953 3072 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 17:41:30.0125 3072 dmserver - ok 17:41:30.0171 3072 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 17:41:30.0328 3072 DMusic - ok 17:41:30.0515 3072 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 17:41:30.0640 3072 Dnscache - ok 17:41:30.0906 3072 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 17:41:31.0140 3072 Dot3svc - ok 17:41:31.0281 3072 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys 17:41:31.0531 3072 dpti2o - ok 17:41:31.0609 3072 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 17:41:31.0828 3072 drmkaud - ok 17:41:32.0109 3072 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 17:41:32.0359 3072 EapHost - ok 17:41:32.0953 3072 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe 17:41:33.0437 3072 ehRecvr - ok 17:41:33.0796 3072 [ E774BF24A6CB798DCE67AD1C8E917152 ] ehSched C:\WINDOWS\eHome\ehSched.exe 17:41:33.0937 3072 ehSched - ok 17:41:34.0156 3072 [ 70F3D2751BA8877EE06BECFC59BD77F1 ] eLock2BurnerLockDriver C:\WINDOWS\system32\eLock2BurnerLockDriver.sys 17:41:34.0187 3072 eLock2BurnerLockDriver ( UnsignedFile.Multi.Generic ) - warning 17:41:34.0187 3072 eLock2BurnerLockDriver - detected UnsignedFile.Multi.Generic (1) 17:41:34.0406 3072 [ 8A24DCB29ABC693F1D3085A69239E84B ] eLock2FSCTLDriver C:\WINDOWS\system32\eLock2FSCTLDriver.sys 17:41:34.0421 3072 eLock2FSCTLDriver ( UnsignedFile.Multi.Generic ) - warning 17:41:34.0421 3072 eLock2FSCTLDriver - detected UnsignedFile.Multi.Generic (1) 17:41:34.0640 3072 [ B44EB52D68A09B7E41C709CA2F18B1C4 ] epindd C:\WINDOWS\system32\drivers\epindd.sys 17:41:34.0687 3072 epindd ( UnsignedFile.Multi.Generic ) - warning 17:41:34.0687 3072 epindd - detected UnsignedFile.Multi.Generic (1) 17:41:34.0890 3072 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 17:41:35.0093 3072 ERSvc - ok 17:41:35.0437 3072 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 17:41:35.0484 3072 Eventlog - ok 17:41:36.0484 3072 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 17:41:36.0625 3072 EventSystem - ok 17:41:36.0953 3072 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 17:41:37.0171 3072 Fastfat - ok 17:41:37.0468 3072 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 17:41:37.0531 3072 FastUserSwitchingCompatibility - ok 17:41:37.0937 3072 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe 17:41:38.0718 3072 Fax - ok 17:41:39.0218 3072 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 17:41:39.0406 3072 Fdc - ok 17:41:39.0421 3072 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 17:41:39.0609 3072 Fips - ok 17:41:39.0640 3072 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 17:41:39.0843 3072 Flpydisk - ok 17:41:40.0140 3072 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 17:41:40.0828 3072 FltMgr - ok 17:41:47.0562 3072 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 17:41:48.0171 3072 FontCache3.0.0.0 - ok 17:41:48.0765 3072 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 17:41:49.0281 3072 Fs_Rec - ok 17:41:50.0796 3072 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 17:41:52.0906 3072 Ftdisk - ok 17:41:52.0984 3072 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 17:41:53.0234 3072 Gpc - ok 17:41:54.0750 3072 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 17:41:54.0796 3072 gupdate - ok 17:41:54.0796 3072 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 17:41:54.0828 3072 gupdatem - ok 17:41:58.0390 3072 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 17:41:58.0890 3072 gusvc - ok 17:41:59.0328 3072 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 17:41:59.0531 3072 HDAudBus - ok 17:41:59.0968 3072 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 17:42:00.0140 3072 helpsvc - ok 17:42:00.0640 3072 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 17:42:00.0890 3072 HidServ - ok 17:42:01.0109 3072 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 17:42:01.0578 3072 HidUsb - ok 17:42:02.0031 3072 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 17:42:02.0328 3072 hkmsvc - ok 17:42:04.0750 3072 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys 17:42:05.0015 3072 hpn - ok 17:42:06.0000 3072 [ A902A7E76C245210EEE9EF5185158E9C ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 17:42:06.0296 3072 HSFHWAZL - ok 17:42:14.0468 3072 [ C9F4E7DA78A02623ABF78A4A34CE79B1 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 17:42:16.0156 3072 HSF_DPV - ok 17:42:18.0656 3072 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 17:42:19.0812 3072 HTTP - ok 17:42:20.0000 3072 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 17:42:20.0718 3072 HTTPFilter - ok 17:42:20.0875 3072 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys 17:42:21.0109 3072 i2omgmt - ok 17:42:21.0203 3072 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys 17:42:21.0390 3072 i2omp - ok 17:42:21.0984 3072 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 17:42:22.0546 3072 i8042prt - ok 17:42:25.0218 3072 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe 17:42:25.0343 3072 IDriverT ( UnsignedFile.Multi.Generic ) - warning 17:42:25.0375 3072 IDriverT - detected UnsignedFile.Multi.Generic (1) 17:42:26.0984 3072 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 17:42:29.0296 3072 idsvc - ok 17:42:30.0312 3072 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 17:42:30.0750 3072 Imapi - ok 17:42:31.0265 3072 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 17:42:31.0453 3072 ImapiService - ok 17:42:31.0500 3072 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys 17:42:31.0718 3072 ini910u - ok 17:42:32.0093 3072 [ 4D8D5B1C895EA0F2A721B98A7CE198F1 ] int15 C:\WINDOWS\system32\drivers\int15.sys 17:42:32.0125 3072 int15 ( UnsignedFile.Multi.Generic ) - warning 17:42:32.0125 3072 int15 - detected UnsignedFile.Multi.Generic (1) 17:42:32.0125 3072 int15.sys - ok 17:42:42.0000 3072 [ 12F4D2AA29745DC2A403FF42E75CF7FA ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 17:42:45.0265 3072 IntcAzAudAddService - ok 17:42:45.0796 3072 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys 17:42:46.0125 3072 IntelIde - ok 17:42:46.0656 3072 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 17:42:46.0953 3072 Ip6Fw - ok 17:42:47.0312 3072 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:42:47.0531 3072 IpFilterDriver - ok 17:42:47.0656 3072 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 17:42:47.0843 3072 IpInIp - ok 17:42:48.0125 3072 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 17:42:48.0390 3072 IpNat - ok 17:42:48.0812 3072 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 17:42:49.0125 3072 IPSec - ok 17:42:49.0406 3072 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 17:42:49.0625 3072 irda - ok 17:42:49.0671 3072 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 17:42:49.0843 3072 IRENUM - ok 17:42:50.0562 3072 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll 17:42:50.0718 3072 Irmon - ok 17:42:50.0859 3072 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 17:42:51.0375 3072 isapnp - ok 17:42:52.0421 3072 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe 17:42:52.0562 3072 JavaQuickStarterService - ok 17:42:52.0656 3072 [ FE8300320281D658A7854D5CFC02A63F ] k750bus C:\WINDOWS\system32\DRIVERS\k750bus.sys 17:42:52.0718 3072 k750bus ( UnsignedFile.Multi.Generic ) - warning 17:42:52.0718 3072 k750bus - detected UnsignedFile.Multi.Generic (1) 17:42:52.0796 3072 [ F44521F63C0C00364FA3D59DB980DE6A ] k750mdfl C:\WINDOWS\system32\DRIVERS\k750mdfl.sys 17:42:52.0859 3072 k750mdfl ( UnsignedFile.Multi.Generic ) - warning 17:42:52.0859 3072 k750mdfl - detected UnsignedFile.Multi.Generic (1) 17:42:53.0062 3072 [ E93323C3ED5E8923A177740A973C27B2 ] k750mdm C:\WINDOWS\system32\DRIVERS\k750mdm.sys 17:42:53.0109 3072 k750mdm ( UnsignedFile.Multi.Generic ) - warning 17:42:53.0109 3072 k750mdm - detected UnsignedFile.Multi.Generic (1) 17:42:53.0156 3072 [ 9D5F5A70CA0B7C428EFCD73DB50E6AC7 ] k750mgmt C:\WINDOWS\system32\DRIVERS\k750mgmt.sys 17:42:53.0203 3072 k750mgmt ( UnsignedFile.Multi.Generic ) - warning 17:42:53.0203 3072 k750mgmt - detected UnsignedFile.Multi.Generic (1) 17:42:53.0234 3072 [ 81CA2D57B2C14F76F4BA80846784BB3D ] k750obex C:\WINDOWS\system32\DRIVERS\k750obex.sys 17:42:53.0296 3072 k750obex ( UnsignedFile.Multi.Generic ) - warning 17:42:53.0296 3072 k750obex - detected UnsignedFile.Multi.Generic (1) 17:42:53.0453 3072 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 17:42:53.0703 3072 Kbdclass - ok 17:42:54.0828 3072 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 17:42:55.0109 3072 kbdhid - ok 17:42:55.0234 3072 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 17:42:55.0437 3072 kmixer - ok 17:42:56.0015 3072 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 17:42:56.0203 3072 KSecDD - ok 17:42:56.0890 3072 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 17:42:57.0000 3072 lanmanserver - ok 17:42:57.0078 3072 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 17:42:57.0234 3072 lanmanworkstation - ok 17:42:57.0250 3072 Lbd - ok 17:42:57.0265 3072 lbrtfdc - ok 17:42:57.0765 3072 [ 86E8BCAA91FC2ACFACD99CF2BF9F1F47 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe 17:42:57.0781 3072 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 17:42:57.0781 3072 LightScribeService - detected UnsignedFile.Multi.Generic (1) 17:42:57.0843 3072 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 17:42:58.0031 3072 LmHosts - ok 17:42:58.0031 3072 LockServ - ok 17:42:58.0171 3072 [ 52404CC76E9D53843BDF97564BB16BED ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe 17:42:58.0281 3072 McrdSvc - ok 17:42:58.0546 3072 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE 17:42:58.0796 3072 MDM - ok 17:42:58.0937 3072 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 17:42:59.0031 3072 mdmxsdk - ok 17:42:59.0078 3072 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 17:42:59.0281 3072 Messenger - ok 17:42:59.0500 3072 [ DED60230E3019C508769EC3C15BCDA44 ] MHN C:\WINDOWS\System32\mhn.dll 17:42:59.0562 3072 MHN ( UnsignedFile.Multi.Generic ) - warning 17:42:59.0562 3072 MHN - detected UnsignedFile.Multi.Generic (1) 17:42:59.0625 3072 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys 17:42:59.0656 3072 MHNDRV ( UnsignedFile.Multi.Generic ) - warning 17:42:59.0656 3072 MHNDRV - detected UnsignedFile.Multi.Generic (1) 17:42:59.0687 3072 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 17:42:59.0921 3072 mnmdd - ok 17:43:00.0234 3072 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 17:43:00.0515 3072 mnmsrvc - ok 17:43:00.0687 3072 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 17:43:00.0953 3072 Modem - ok 17:43:01.0109 3072 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 17:43:01.0328 3072 Mouclass - ok 17:43:01.0468 3072 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 17:43:01.0687 3072 mouhid - ok 17:43:02.0500 3072 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 17:43:03.0015 3072 MountMgr - ok 17:43:03.0187 3072 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys 17:43:03.0671 3072 mraid35x - ok 17:43:03.0843 3072 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 17:43:05.0546 3072 MRxDAV - ok 17:43:07.0171 3072 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 17:43:09.0218 3072 MRxSmb - ok 17:43:09.0484 3072 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 17:43:09.0687 3072 MSDTC - ok 17:43:09.0765 3072 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 17:43:10.0281 3072 Msfs - ok 17:43:11.0546 3072 MSIServer - ok 17:43:11.0671 3072 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 17:43:12.0109 3072 MSKSSRV - ok 17:43:12.0171 3072 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 17:43:12.0468 3072 MSPCLOCK - ok 17:43:12.0562 3072 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 17:43:12.0781 3072 MSPQM - ok 17:43:12.0921 3072 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 17:43:13.0109 3072 mssmbios - ok 17:43:13.0156 3072 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 17:43:13.0328 3072 MSTEE - ok 17:43:13.0531 3072 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 17:43:13.0687 3072 Mup - ok 17:43:13.0765 3072 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 17:43:14.0125 3072 NABTSFEC - ok 17:43:16.0656 3072 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 17:43:16.0953 3072 napagent - ok 17:43:18.0156 3072 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 17:43:18.0500 3072 NDIS - ok 17:43:18.0703 3072 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 17:43:18.0968 3072 NdisIP - ok 17:43:19.0875 3072 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 17:43:20.0156 3072 NdisTapi - ok 17:43:21.0250 3072 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 17:43:21.0531 3072 Ndisuio - ok 17:43:25.0296 3072 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:43:26.0078 3072 NdisWan - ok 17:43:26.0421 3072 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 17:43:26.0500 3072 NDProxy - ok 17:43:27.0250 3072 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 17:43:27.0703 3072 NetBIOS - ok 17:43:30.0953 3072 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 17:43:31.0765 3072 NetBT - ok 17:43:34.0484 3072 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 17:43:34.0843 3072 NetDDE - ok 17:43:34.0859 3072 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 17:43:35.0015 3072 NetDDEdsdm - ok 17:43:35.0296 3072 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 17:43:35.0531 3072 Netlogon - ok 17:43:37.0328 3072 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 17:43:37.0984 3072 Netman - ok 17:43:39.0015 3072 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:43:39.0187 3072 NetTcpPortSharing - ok 17:43:39.0437 3072 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 17:43:39.0625 3072 NIC1394 - ok 17:43:41.0484 3072 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 17:43:41.0578 3072 Nla - ok 17:43:41.0625 3072 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 17:43:41.0812 3072 Npfs - ok 17:43:41.0906 3072 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys 17:43:42.0109 3072 NSCIRDA - ok 17:43:43.0250 3072 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 17:43:44.0234 3072 Ntfs - ok 17:43:44.0328 3072 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys 17:43:44.0390 3072 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning 17:43:44.0390 3072 NTIDrvr - detected UnsignedFile.Multi.Generic (1) 17:43:44.0421 3072 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 17:43:44.0609 3072 NtLmSsp - ok 17:43:45.0953 3072 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 17:43:46.0796 3072 NtmsSvc - ok 17:43:46.0859 3072 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys 17:43:47.0015 3072 NuidFltr - ok 17:43:47.0078 3072 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 17:43:47.0343 3072 Null - ok 17:43:51.0671 3072 [ 59E5D945934EC2E7EAA22AF81813DABF ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 17:43:53.0734 3072 nv - ok 17:43:54.0187 3072 [ 22EEDB34C4D7613A25B10C347C6C4C21 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 17:43:54.0328 3072 NVENETFD - ok 17:43:54.0453 3072 [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 17:43:54.0578 3072 nvnetbus - ok 17:43:54.0640 3072 [ E0F76FAB86FEC98778047D0C7C39CBB9 ] nvsmu C:\WINDOWS\system32\DRIVERS\nvsmu.sys 17:43:54.0718 3072 nvsmu - ok 17:43:54.0937 3072 [ 6D88C26BF33D2B8404F01CECBDD47D3A ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 17:43:55.0000 3072 NVSvc - ok 17:43:55.0078 3072 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 17:43:55.0265 3072 NwlnkFlt - ok 17:43:55.0421 3072 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 17:43:55.0640 3072 NwlnkFwd - ok 17:43:55.0671 3072 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 17:43:55.0859 3072 ohci1394 - ok 17:43:56.0312 3072 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 17:43:56.0421 3072 ose - ok 17:43:56.0515 3072 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys 17:43:56.0734 3072 Parport - ok 17:43:56.0812 3072 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 17:43:56.0984 3072 PartMgr - ok 17:43:57.0015 3072 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 17:43:57.0187 3072 ParVdm - ok 17:43:57.0218 3072 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 17:43:57.0406 3072 PCI - ok 17:43:57.0421 3072 PCIDump - ok 17:43:57.0437 3072 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 17:43:57.0656 3072 PCIIde - ok 17:43:57.0718 3072 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 17:43:57.0906 3072 Pcmcia - ok 17:43:57.0921 3072 PDCOMP - ok 17:43:57.0937 3072 PDFRAME - ok 17:43:57.0953 3072 PDRELI - ok 17:43:57.0968 3072 PDRFRAME - ok 17:43:57.0984 3072 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys 17:43:58.0156 3072 perc2 - ok 17:43:58.0171 3072 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys 17:43:58.0359 3072 perc2hib - ok 17:43:58.0703 3072 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 17:43:58.0765 3072 PlugPlay - ok 17:43:58.0828 3072 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 17:43:58.0968 3072 PolicyAgent - ok 17:43:59.0031 3072 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 17:43:59.0218 3072 PptpMiniport - ok 17:43:59.0359 3072 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 17:43:59.0625 3072 Processor - ok 17:43:59.0656 3072 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 17:43:59.0812 3072 ProtectedStorage - ok 17:43:59.0906 3072 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 17:44:00.0078 3072 PSched - ok 17:44:00.0171 3072 [ 00B670D8A36C7134CFC66B446A18CC92 ] psdfilter C:\WINDOWS\system32\Drivers\psdfilter.sys 17:44:00.0218 3072 psdfilter ( UnsignedFile.Multi.Generic ) - warning 17:44:00.0218 3072 psdfilter - detected UnsignedFile.Multi.Generic (1) 17:44:00.0281 3072 [ E9A60343CB7C39090638B1DD574F26EB ] psdvdisk C:\WINDOWS\system32\Drivers\psdvdisk.sys 17:44:00.0312 3072 psdvdisk ( UnsignedFile.Multi.Generic ) - warning 17:44:00.0312 3072 psdvdisk - detected UnsignedFile.Multi.Generic (1) 17:44:00.0359 3072 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 17:44:00.0546 3072 Ptilink - ok 17:44:00.0609 3072 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 17:44:00.0750 3072 PxHelp20 - ok 17:44:00.0765 3072 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys 17:44:00.0984 3072 ql1080 - ok 17:44:01.0140 3072 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 17:44:01.0328 3072 Ql10wnt - ok 17:44:01.0375 3072 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys 17:44:01.0546 3072 ql12160 - ok 17:44:01.0578 3072 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys 17:44:01.0812 3072 ql1240 - ok 17:44:01.0953 3072 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys 17:44:02.0125 3072 ql1280 - ok 17:44:02.0171 3072 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 17:44:02.0328 3072 RasAcd - ok 17:44:02.0437 3072 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 17:44:02.0625 3072 RasAuto - ok 17:44:02.0671 3072 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 17:44:02.0812 3072 Rasirda - ok 17:44:03.0015 3072 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 17:44:03.0203 3072 Rasl2tp - ok 17:44:03.0359 3072 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 17:44:03.0515 3072 RasMan - ok 17:44:03.0671 3072 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:44:03.0906 3072 RasPppoe - ok 17:44:03.0953 3072 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 17:44:04.0125 3072 Raspti - ok 17:44:04.0203 3072 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 17:44:04.0453 3072 Rdbss - ok 17:44:04.0484 3072 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 17:44:04.0671 3072 RDPCDD - ok 17:44:04.0750 3072 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 17:44:04.0937 3072 rdpdr - ok 17:44:05.0109 3072 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 17:44:05.0312 3072 RDPWD - ok 17:44:05.0390 3072 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 17:44:05.0578 3072 RDSessMgr - ok 17:44:05.0609 3072 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 17:44:05.0781 3072 redbook - ok 17:44:06.0218 3072 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 17:44:06.0406 3072 RemoteAccess - ok 17:44:06.0531 3072 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 17:44:06.0687 3072 RemoteRegistry - ok 17:44:06.0781 3072 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 17:44:06.0953 3072 RpcLocator - ok 17:44:07.0296 3072 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 17:44:07.0359 3072 RpcSs - ok 17:44:07.0437 3072 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 17:44:07.0609 3072 RSVP - ok 17:44:07.0718 3072 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 17:44:07.0859 3072 rtl8139 - ok 17:44:07.0968 3072 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 17:44:08.0109 3072 SamSs - ok 17:44:08.0203 3072 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 17:44:08.0375 3072 SCardSvr - ok 17:44:08.0500 3072 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 17:44:08.0640 3072 Schedule - ok 17:44:08.0750 3072 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 17:44:08.0937 3072 sdbus - ok 17:44:09.0015 3072 [ 59A9EB4073A39895AF314780D0A032FA ] SE27bus C:\WINDOWS\system32\DRIVERS\SE27bus.sys 17:44:09.0046 3072 SE27bus ( UnsignedFile.Multi.Generic ) - warning 17:44:09.0046 3072 SE27bus - detected UnsignedFile.Multi.Generic (1) 17:44:09.0125 3072 [ D53E7E53107D1796825540129F8FE89F ] SE27mdfl C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys 17:44:09.0234 3072 SE27mdfl ( UnsignedFile.Multi.Generic ) - warning 17:44:09.0234 3072 SE27mdfl - detected UnsignedFile.Multi.Generic (1) 17:44:10.0453 3072 [ 2AFA2F65A6E91DA5B5070E734769827E ] SE27mdm C:\WINDOWS\system32\DRIVERS\SE27mdm.sys 17:44:10.0546 3072 SE27mdm ( UnsignedFile.Multi.Generic ) - warning 17:44:10.0546 3072 SE27mdm - detected UnsignedFile.Multi.Generic (1) 17:44:10.0765 3072 [ 5A33A8D7B44C7BD8ABE248B4DCD1FF3C ] SE27mgmt C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys 17:44:10.0812 3072 SE27mgmt ( UnsignedFile.Multi.Generic ) - warning 17:44:10.0812 3072 SE27mgmt - detected UnsignedFile.Multi.Generic (1) 17:44:10.0875 3072 [ BB30139683BBF3EE89EC931393D9335C ] se27nd5 C:\WINDOWS\system32\DRIVERS\se27nd5.sys 17:44:10.0906 3072 se27nd5 ( UnsignedFile.Multi.Generic ) - warning 17:44:10.0906 3072 se27nd5 - detected UnsignedFile.Multi.Generic (1) 17:44:10.0953 3072 [ 5DA6FF71E94B9134DDD094EBB09F05E6 ] SE27obex C:\WINDOWS\system32\DRIVERS\SE27obex.sys 17:44:11.0015 3072 SE27obex ( UnsignedFile.Multi.Generic ) - warning 17:44:11.0015 3072 SE27obex - detected UnsignedFile.Multi.Generic (1) 17:44:11.0234 3072 [ 4D54A9D7C22157AB3D2442E8BCF5ECD2 ] se27unic C:\WINDOWS\system32\DRIVERS\se27unic.sys 17:44:11.0265 3072 se27unic ( UnsignedFile.Multi.Generic ) - warning 17:44:11.0265 3072 se27unic - detected UnsignedFile.Multi.Generic (1) 17:44:11.0375 3072 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 17:44:11.0562 3072 Secdrv - ok 17:44:11.0671 3072 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 17:44:11.0843 3072 seclogon - ok 17:44:11.0921 3072 [ E5B56569A9F79B70314FEDE6C953641E ] seehcri C:\WINDOWS\system32\DRIVERS\seehcri.sys 17:44:12.0062 3072 seehcri - ok 17:44:12.0171 3072 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 17:44:12.0343 3072 SENS - ok 17:44:12.0531 3072 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 17:44:12.0718 3072 Serial - ok 17:44:12.0828 3072 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 17:44:12.0984 3072 Sfloppy - ok 17:44:13.0421 3072 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 17:44:13.0703 3072 SharedAccess - ok 17:44:13.0765 3072 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 17:44:13.0828 3072 ShellHWDetection - ok 17:44:13.0843 3072 Simbad - ok 17:44:13.0875 3072 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 17:44:14.0031 3072 sisagp - ok 17:44:14.0062 3072 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 17:44:14.0218 3072 SLIP - ok 17:44:14.0406 3072 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Programme\Sony\Sony PC Companion\PCCService.exe 17:44:14.0437 3072 Sony PC Companion - ok 17:44:14.0484 3072 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys 17:44:14.0609 3072 Sparrow - ok 17:44:14.0656 3072 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 17:44:14.0812 3072 splitter - ok 17:44:14.0875 3072 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 17:44:14.0968 3072 Spooler - ok 17:44:15.0062 3072 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 17:44:15.0234 3072 sr - ok 17:44:15.0296 3072 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 17:44:15.0484 3072 srservice - ok 17:44:15.0531 3072 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 17:44:15.0656 3072 Srv - ok 17:44:15.0718 3072 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 17:44:15.0890 3072 SSDPSRV - ok 17:44:15.0953 3072 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 17:44:16.0000 3072 ssmdrv - ok 17:44:16.0046 3072 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 17:44:16.0234 3072 stisvc - ok 17:44:16.0265 3072 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 17:44:16.0421 3072 streamip - ok 17:44:16.0453 3072 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 17:44:16.0593 3072 swenum - ok 17:44:16.0640 3072 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 17:44:16.0812 3072 swmidi - ok 17:44:17.0000 3072 SwPrv - ok 17:44:17.0031 3072 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys 17:44:17.0203 3072 symc810 - ok 17:44:17.0218 3072 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys 17:44:17.0390 3072 symc8xx - ok 17:44:17.0406 3072 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys 17:44:17.0578 3072 sym_hi - ok 17:44:17.0593 3072 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys 17:44:17.0828 3072 sym_u3 - ok 17:44:17.0890 3072 [ 69BF2DD9B1099D1AA3E7CF14B4B842CD ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 17:44:17.0937 3072 SynTP - ok 17:44:17.0968 3072 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 17:44:18.0140 3072 sysaudio - ok 17:44:18.0250 3072 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 17:44:18.0421 3072 SysmonLog - ok 17:44:18.0562 3072 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 17:44:18.0718 3072 TapiSrv - ok 17:44:18.0781 3072 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 17:44:18.0859 3072 Tcpip - ok 17:44:18.0890 3072 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 17:44:19.0046 3072 TDPIPE - ok 17:44:19.0140 3072 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 17:44:19.0281 3072 TDTCP - ok 17:44:19.0343 3072 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 17:44:19.0484 3072 TermDD - ok 17:44:19.0578 3072 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 17:44:19.0781 3072 TermService - ok 17:44:19.0859 3072 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 17:44:19.0875 3072 Themes - ok 17:44:19.0906 3072 [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys 17:44:20.0031 3072 tifm21 - ok 17:44:20.0140 3072 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 17:44:20.0328 3072 TlntSvr - ok 17:44:20.0375 3072 [ D213A9247DC347F305A2D4CC9B951487 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys 17:44:20.0546 3072 TosIde - ok 17:44:20.0609 3072 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 17:44:20.0781 3072 TrkWks - ok 17:44:20.0812 3072 [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] tvicport C:\WINDOWS\system32\drivers\tvicport.sys 17:44:20.0859 3072 tvicport ( UnsignedFile.Multi.Generic ) - warning 17:44:20.0859 3072 tvicport - detected UnsignedFile.Multi.Generic (1) 17:44:20.0875 3072 [ E0C67BE430C6DE490D6CCAECFA071F9E ] UBHelper C:\WINDOWS\system32\drivers\UBHelper.sys 17:44:20.0906 3072 UBHelper ( UnsignedFile.Multi.Generic ) - warning 17:44:20.0906 3072 UBHelper - detected UnsignedFile.Multi.Generic (1) 17:44:20.0921 3072 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 17:44:21.0093 3072 Udfs - ok 17:44:21.0093 3072 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys 17:44:21.0218 3072 ultra - ok 17:44:21.0281 3072 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 17:44:21.0468 3072 Update - ok 17:44:21.0562 3072 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 17:44:21.0734 3072 upnphost - ok 17:44:21.0812 3072 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 17:44:21.0968 3072 UPS - ok 17:44:22.0000 3072 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 17:44:22.0156 3072 usbccgp - ok 17:44:22.0187 3072 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 17:44:22.0343 3072 usbehci - ok 17:44:22.0437 3072 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 17:44:22.0578 3072 usbhub - ok 17:44:22.0609 3072 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 17:44:22.0750 3072 usbohci - ok 17:44:22.0765 3072 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 17:44:22.0937 3072 usbprint - ok 17:44:22.0953 3072 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 17:44:23.0156 3072 USBSTOR - ok 17:44:23.0234 3072 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 17:44:23.0390 3072 VgaSave - ok 17:44:23.0421 3072 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys 17:44:23.0578 3072 viaagp - ok 17:44:23.0593 3072 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 17:44:23.0750 3072 ViaIde - ok 17:44:23.0765 3072 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 17:44:23.0921 3072 VolSnap - ok 17:44:24.0156 3072 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 17:44:24.0328 3072 VSS - ok 17:44:24.0406 3072 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 17:44:24.0578 3072 W32Time - ok 17:44:24.0625 3072 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 17:44:24.0796 3072 Wanarp - ok 17:44:25.0093 3072 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 17:44:25.0234 3072 Wdf01000 - ok 17:44:25.0250 3072 WDICA - ok 17:44:25.0359 3072 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 17:44:25.0531 3072 wdmaud - ok 17:44:25.0640 3072 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 17:44:25.0812 3072 WebClient - ok 17:44:25.0921 3072 [ C1D5CBD8AA0D674DA1BA1BB189696396 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 17:44:26.0078 3072 winachsf - ok 17:44:26.0187 3072 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Programme\Windows Defender\MsMpEng.exe 17:44:26.0203 3072 WinDefend - ok 17:44:26.0328 3072 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:44:26.0500 3072 winmgmt - ok 17:44:26.0609 3072 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 17:44:26.0671 3072 WmdmPmSN - ok 17:44:26.0750 3072 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 17:44:26.0812 3072 Wmi - ok 17:44:26.0859 3072 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 17:44:27.0000 3072 WmiAcpi - ok 17:44:27.0046 3072 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 17:44:27.0203 3072 WmiApSrv - ok 17:44:27.0296 3072 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\wmpnetwk.exe 17:44:27.0421 3072 WMPNetworkSvc - ok 17:44:27.0453 3072 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 17:44:27.0500 3072 WpdUsb - ok 17:44:27.0546 3072 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 17:44:27.0718 3072 WS2IFSL - ok 17:44:27.0796 3072 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 17:44:27.0984 3072 wscsvc - ok 17:44:28.0015 3072 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 17:44:28.0187 3072 WSTCODEC - ok 17:44:28.0281 3072 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 17:44:28.0453 3072 wuauserv - ok 17:44:28.0515 3072 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 17:44:28.0593 3072 WudfPf - ok 17:44:28.0625 3072 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 17:44:28.0671 3072 WUDFRd - ok 17:44:28.0750 3072 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 17:44:28.0796 3072 WudfSvc - ok 17:44:28.0890 3072 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 17:44:29.0078 3072 WZCSVC - ok 17:44:29.0203 3072 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 17:44:29.0375 3072 xmlprov - ok 17:44:29.0406 3072 [ 40AC8590CC9006DBB99FFCB37879D4C6 ] zntport C:\WINDOWS\system32\drivers\zntport.sys 17:44:29.0421 3072 zntport ( UnsignedFile.Multi.Generic ) - warning 17:44:29.0421 3072 zntport - detected UnsignedFile.Multi.Generic (1) 17:44:29.0453 3072 ================ Scan global =============================== 17:44:29.0640 3072 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 17:44:29.0781 3072 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 17:44:29.0875 3072 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 17:44:29.0953 3072 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 17:44:29.0953 3072 [Global] - ok 17:44:29.0953 3072 ================ Scan MBR ================================== 17:44:29.0984 3072 [ 99852D5C3A78447C3D6D82B6155FE848 ] \Device\Harddisk0\DR0 17:44:34.0343 3072 \Device\Harddisk0\DR0 - ok 17:44:34.0343 3072 ================ Scan VBR ================================== 17:44:34.0375 3072 [ 1C0CAE03BC2BE334230940E8D5EA4024 ] \Device\Harddisk0\DR0\Partition1 17:44:34.0375 3072 \Device\Harddisk0\DR0\Partition1 - ok 17:44:34.0406 3072 [ 51923B4816BD0D882C6EB9A181536A77 ] \Device\Harddisk0\DR0\Partition2 17:44:34.0406 3072 \Device\Harddisk0\DR0\Partition2 - ok 17:44:34.0406 3072 ============================================================ 17:44:34.0406 3072 Scan finished 17:44:34.0406 3072 ============================================================ 17:44:34.0625 3084 Detected object count: 27 17:44:34.0625 3084 Actual detected object count: 27 17:47:09.0109 3084 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0109 3084 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0109 3084 eLock2BurnerLockDriver ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0109 3084 eLock2BurnerLockDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0109 3084 eLock2FSCTLDriver ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0109 3084 eLock2FSCTLDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0109 3084 epindd ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0109 3084 epindd ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0109 3084 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0109 3084 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0109 3084 int15 ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0109 3084 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0125 3084 k750bus ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0125 3084 k750bus ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0125 3084 k750mdfl ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0125 3084 k750mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0125 3084 k750mdm ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0125 3084 k750mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0125 3084 k750mgmt ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0125 3084 k750mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0125 3084 k750obex ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0125 3084 k750obex ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0125 3084 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0125 3084 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0140 3084 MHN ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0140 3084 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0140 3084 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0140 3084 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0140 3084 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0140 3084 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0140 3084 psdfilter ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0140 3084 psdfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0140 3084 psdvdisk ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0140 3084 psdvdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0156 3084 SE27bus ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0156 3084 SE27bus ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0156 3084 SE27mdfl ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0156 3084 SE27mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0156 3084 SE27mdm ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0156 3084 SE27mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0156 3084 SE27mgmt ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0156 3084 SE27mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0171 3084 se27nd5 ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0171 3084 se27nd5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0171 3084 SE27obex ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0171 3084 SE27obex ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0171 3084 se27unic ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0171 3084 se27unic ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0171 3084 tvicport ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0171 3084 tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0171 3084 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0171 3084 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:47:09.0171 3084 zntport ( UnsignedFile.Multi.Generic ) - skipped by user 17:47:09.0171 3084 zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:44:22.0203 2548 Deinitialize success Herzlichen Gruss Anst |
|
08.01.2013, 19:31
| #10 | |
| /// Malware-holic | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Hi combofix: Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
08.01.2013, 21:07
| #11 |
| | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Hallo Nun habe ich Combofix auf meinem Desktop gespeichert und gestartet, das war vor mehr als einer Stunde. Nun hängt es seit ca. 40 Minuten und es geht nichts mehr. Was nun? Danke und Gruss Anst |
|
09.01.2013, 00:36
| #12 |
| /// Malware-holic | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Hi beenden, neustarten, f8 drücken, abgesicherter Modus mit Netzwerk wählen, im betroffenen Konto anmelden, erneut probieren.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
09.01.2013, 20:36
| #13 |
| | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Hallo Leider funktioniert es mit F8 nicht, es passiert gar nichts, wenn ich dies drücke und Combofix kommt nicht über "Lösche Ordner" C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP" hinaus. Dort hängt er sich auf. Vorher stellt er bis Stufe 50 fertig. Was nun? Gruss Anst66 |
|
10.01.2013, 16:06
| #14 |
| /// Malware-holic | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Dann versuch die anderen F-tasten bei neustart, könnte auch f5 sein.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.01.2013, 18:28
| #15 |
| | Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) Hallo Leider reagiert keine der F-Tasten, so dass ich auch nicht im geschützten Modus Combofix laufen lassen kann und auf dem anderen Modus hängt sich dies auf. Was nun? Danke für Deine Hilfe Gruss Anst |
|
| Themen zu Laptop gesperrt aufgrund von Trojanern (Geldzahlung verlangt zur Entsperrung) |
| administrator, anti-malware, autostart, bild, bildschirm, dateien, explorer, explorer.exe, gelöscht, gesperrt, laptop, links, malwarebytes, microsoft, quarantäne, rogue.residue, scan, service pack 3, software, speicher, temp, trojan.agent, trojaner, update |
Linear-Darstellung
