Pests of all kinds and how to fight them: BKA Trojan on XP, desktop locked even in safe mode
02.02.2013, 19:09 | #1 |
Good evening. While updating my antivirus program I caught the BKA Trojan. I cannot boot the computer without the lock screen, not even in safe mode. What now???
02.02.2013, 20:10 | #2 |
In the meantime I burned this OTLPE file from another computer, copied the text into the box and ran the scan. OTL file attached. And now?
03.02.2013, 12:28 | #3 |
Can nobody help me?
07.02.2013, 13:52 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™
Run an OTL fix via OTLPE: start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL) (the ":OTL" must be copied as well!!!):

Code:
:OTL
O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Janine\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
[2013/02/02 13:43:45 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\netdislw.pad
[2013/02/02 12:53:20 | 000,003,206 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\netdislw.js
[2013/02/02 12:53:20 | 000,000,804 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\runctf.lnk
[2013/02/02 12:21:30 | 000,000,804 | ---- | M] () -- C:\Dokumente und Einstellungen\Janine\Startmenü\Programme\Autostart\runctf.lnk
:Files
C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\runctf.lnk
:Commands
[purity]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can permanently damage the system!

After that Windows should start normally again. Please make OTL's quarantine folder available to us. Proceed as follows:
1.) VERY IMPORTANT!! Disable the virus scanner; it must not interfere with the packing!
2.) Zip the folder movedfiles in C:\_OTL into one file
3.) Upload the created ZIP file here => http://www.trojaner-board.de/54791-a...ner-board.html
Note: Please also upload the file there as described in the instructions for the UpChannel. Please do NOT post the ZIP file here in the thread as an attachment!
4.) Let us know when it has worked
5.) Only then switch the virus scanner back on
__________________
Please always post log files in CODE tags
07.02.2013, 17:02 | #5 |
Hello Cosinus! Thank you for your help!!! Booted from CD, copied the text and ran the fix. That went very quickly and it did indeed want to restart. The computer boots up again! However, no log file opened and I did not see anything with that name. If I should still make it available to you, no problem, if you tell me where I can find it.

A few days ago I had tried to install Malwarebytes on the infected computer. But that did not work because I apparently had not installed Service Pack 2. In the meantime I downloaded Service Pack 2 on another computer and installed it. I hope I have not somehow undermined your work with that, but supported it. At the moment I have no virus scanner at all on the desktop. When it is clean and I can go online again, I will download Avira.

I hope I zipped it correctly?! In any case I uploaded something following your instructions.

Best regards, Janine
08.02.2013, 10:27 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™
Before we get on with the further work, I would like to ask you to read the following points completely and carefully.

Note: If you do not hear from me for three days, please report in this thread => Reminder about my thread. Annoying "When will it continue" messages will end with your topic being closed. I too have a life outside the Trojaner-Board.

First, a check with OTL please:
08.02.2013, 14:52 | #7 |
Hello Cosinus. Thanks for the dressing-down! I could not select any users anywhere. Attached are the two files.

Best regards, Janine

OTL logfile:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery "5353:UDP" = 5353:UDP:*:Enabled:Bonjour Port 5353 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Office12\OUTLOOK.EXE" = D:\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "D:\Office12\groove.exe" = 
D:\Office12\groove.exe:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "D:\Office12\ONENOTE.EXE" = D:\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "G:\Programme\Kodak\AiO\Center\AiOHomeCenter.exe" = G:\Programme\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company) "G:\Programme\Kodak\AiO\Center\Kodak.Statistics.exe" = G:\Programme\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company) "G:\Programme\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = G:\Programme\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company) "G:\Programme\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = G:\Programme\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company) "G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kodak\Installer\Setup.exe" = G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (Eastman Kodak Company) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{56BA241F-580C-43D2-8403-947241AAE633}" = center "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable 
"{7B63B2922B174135AFC0E1377DD81EC2}" = "{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch "{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials "{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr "{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq "{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software 
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "CCleaner" = CCleaner "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.20.12.00 "ie8" = Windows Internet Explorer 8 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "Lexmark Supplies Monitor" = Lexmark Supplies Monitor "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mobile Partner" = Mobile Partner "Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "o2DE" = Mobile Connection Manager "ULTIMATER" = Microsoft Office Ultimate 2007 "VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program "VLC media player" = VLC media player 2.0.4 "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 < End of report > [/CODE] |
08.02.2013, 14:54 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA Trojan XP desktop lock, even in safe mode Didn't you read the instructions? You have made a log with OTLPE yet again, but you are supposed to use OTL normally in your installed Windows!
__________________ Please always post logfiles in CODE tags |
10.02.2013, 21:06 | #9 |
| BKA Trojan XP desktop lock, even in safe mode Hello Cosinus. I guess I was still too impressed by your "Do not install / uninstall any software unless asked to!". I really don't mean this badly, and I am hugely grateful for your help and politely say thank you for every telling-off. But I am a person without a computer gene. And now hold on tight: it can well happen that I make a mistake! So I did not know that there is yet another, "different" OTL application. I have now downloaded it from the internet, though, without explicitly waiting for your permission again. You also did not write whether I should undo anything or the like, so I carried out the steps under "First, a check with OTL please". Don't I still have to do the fix with OTL, since I did it with OTLPE?!? I read it 2 more times ("Do an OTL fix via OTLPE, start OTL and copy the following text into the "Custom Scan/Fixes" box") but I just don't find it unambiguous :/ CODE tags as follows: OTL Logfile: Code:
-- G:\WINDOWS\System32\ativdaxx.ax [2013.02.07 16:49:51 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- G:\WINDOWS\System32\s3gnb.dll [2013.02.07 16:49:51 | 000,286,792 | ---- | C] (Smart Link) -- G:\WINDOWS\System32\slextspk.dll [2013.02.07 16:49:51 | 000,188,508 | ---- | C] (Smart Link) -- G:\WINDOWS\System32\slgen.dll [2013.02.07 16:49:51 | 000,073,832 | ---- | C] (Smart Link) -- G:\WINDOWS\System32\slcoinst.dll [2013.02.07 16:49:51 | 000,073,796 | ---- | C] (Smart Link) -- G:\WINDOWS\System32\slserv.exe [2013.02.07 16:49:51 | 000,032,866 | ---- | C] (Smart Link) -- G:\WINDOWS\System32\slrundll.exe [2013.02.07 16:49:51 | 000,032,866 | ---- | C] (Smart Link) -- G:\WINDOWS\slrundll.exe [2013.02.07 16:49:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- G:\WINDOWS\System32\vidcap.ax [2013.02.07 16:46:49 | 000,000,000 | ---D | C] -- G:\WINDOWS\ServicePackFiles [2013.02.07 16:44:50 | 000,000,000 | ---D | C] -- G:\WINDOWS\EHome [2013.02.07 16:40:34 | 000,000,000 | ---D | C] -- G:\Programme\Service Pack 2 [2013.02.02 17:43:18 | 000,000,000 | ---D | C] -- G:\Dokumente und Einstellungen\Janine\Anwendungsdaten\Telefónica [2013.02.02 17:42:29 | 001,112,288 | ---- | C] (Microsoft Corporation) -- G:\WINDOWS\System32\wdfcoinstaller01007.dll [2013.02.02 17:42:29 | 001,112,288 | ---- | C] (Microsoft Corporation) -- G:\WINDOWS\System32\drivers\WdfCoInstaller01007.dll [2013.02.02 17:42:13 | 000,000,000 | ---D | C] -- G:\Programme\HUAWEI Modem Driver [2013.02.02 17:41:46 | 000,000,000 | ---D | C] -- G:\Dokumente und Einstellungen\All Users\Startmenü\Programme\o2 [2013.02.02 17:41:39 | 000,000,000 | ---D | C] -- G:\Programme\o2 [1 G:\WINDOWS\System32\*.tmp files -> G:\WINDOWS\System32\*.tmp -> ] [1 G:\WINDOWS\*.tmp files -> G:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.02.10 20:26:10 | 095,023,320 | ---- | M] () -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\netdislw.pad [2013.02.10 20:26:02 | 000,013,646 | ---- | M] () -- 
G:\WINDOWS\System32\wpa.dbl [2013.02.10 20:26:01 | 000,002,048 | --S- | M] () -- G:\WINDOWS\bootstat.dat [2013.02.10 20:25:59 | 536,399,872 | -HS- | M] () -- G:\hiberfil.sys [2013.02.10 20:23:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\OTL.exe [2013.02.07 16:58:38 | 000,264,616 | ---- | M] () -- G:\WINDOWS\System32\FNTCACHE.DAT [2013.02.07 16:55:52 | 000,000,210 | RHS- | M] () -- G:\boot.ini [2013.02.07 16:29:48 | 000,003,206 | ---- | M] () -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\netdislw.js [2013.02.07 16:29:48 | 000,000,804 | ---- | M] () -- G:\Dokumente und Einstellungen\Janine\Startmenü\Programme\Autostart\runctf.lnk [2013.02.02 17:43:14 | 000,001,717 | ---- | M] () -- G:\Dokumente und Einstellungen\All Users\Desktop\Mobile Connection Manager.lnk [2013.02.02 17:42:48 | 000,000,000 | -H-- | M] () -- G:\WINDOWS\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [1 G:\WINDOWS\System32\*.tmp files -> G:\WINDOWS\System32\*.tmp -> ] [1 G:\WINDOWS\*.tmp files -> G:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.07 17:00:11 | 000,000,718 | ---- | C] () -- G:\Dokumente und Einstellungen\Janine\Startmenü\Programme\Outlook Express.lnk [2013.02.07 16:49:56 | 000,064,352 | ---- | C] () -- G:\WINDOWS\System32\drivers\ativmc20.cod [2013.02.07 16:49:55 | 000,129,045 | ---- | C] () -- G:\WINDOWS\System32\drivers\cxthsfs2.cty [2013.02.07 16:49:54 | 000,067,866 | ---- | C] () -- G:\WINDOWS\System32\drivers\netwlan5.img [2013.02.07 16:49:52 | 000,081,920 | ---- | C] () -- G:\WINDOWS\System32\ieencode.dll [2013.02.07 16:29:48 | 000,003,206 | ---- | C] () -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\netdislw.js [2013.02.07 16:29:48 | 000,000,804 | ---- | C] () -- G:\Dokumente und Einstellungen\Janine\Startmenü\Programme\Autostart\runctf.lnk [2013.02.07 16:29:30 | 095,023,320 | ---- | C] () -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\netdislw.pad [2013.02.02 19:43:28 | 536,399,872 | -HS- | 
C] () -- G:\hiberfil.sys [2013.02.02 17:43:14 | 000,001,717 | ---- | C] () -- G:\Dokumente und Einstellungen\All Users\Desktop\Mobile Connection Manager.lnk [2013.02.02 17:42:48 | 000,000,000 | -H-- | C] () -- G:\WINDOWS\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [2011.07.27 09:28:01 | 000,000,125 | -HS- | C] () -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib [2010.01.25 17:24:21 | 000,058,880 | ---- | C] () -- G:\Dokumente und Einstellungen\Janine\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2011.07.26 15:47:23 | 000,000,227 | RHS- | M] () -- G:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009.01.07 18:20:26 | 001,497,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = G:\WINDOWS\system32\wbem\fastprox.dll -- [2004.08.04 13:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = G:\WINDOWS\system32\wbem\wbemess.dll -- [2004.08.04 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 10.02.2013 20:43:33 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = G:\ Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 511,48 Mb Total Physical Memory | 299,76 Mb Available Physical Memory | 58,61% Memory free 1,22 Gb Paging File | 1,03 Gb Available in Paging File | 84,69% Paging File free Paging file location(s): G:\pagefile.sys 768 1536 [binary data] %SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Programme Drive C: | 3,77 Gb Total Space | 3,75 Gb Free Space | 99,68% Space Free | Partition Type: FAT32 Drive D: | 14,88 Gb Total Space | 13,12 Gb Free Space | 88,16% Space Free | Partition Type: FAT32 Drive G: | 23,45 Gb Total Space | 17,99 Gb Free Space | 76,72% Space Free | Partition Type: NTFS Computer Name: NINE | User Name: Janine | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "G:\Programme\VLC Media Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "G:\Programme\VLC Media Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery "5353:UDP" = 5353:UDP:*:Enabled:Bonjour Port 5353 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "D:\Office12\OUTLOOK.EXE" = D:\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "D:\Office12\groove.exe" = D:\Office12\groove.exe:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "D:\Office12\ONENOTE.EXE" = D:\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "G:\Programme\Internet Explorer\iexplore.exe" = G:\Programme\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer -- (Microsoft Corporation) "G:\Programme\Kodak\AiO\Center\AiOHomeCenter.exe" = G:\Programme\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company) "G:\Programme\Kodak\AiO\Center\Kodak.Statistics.exe" = G:\Programme\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company) "G:\Programme\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = G:\Programme\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company) "G:\Programme\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = G:\Programme\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company) "G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kodak\Installer\Setup.exe" = G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (Eastman Kodak Company) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{20D4A895-748C-4D88-871C-FDB1695B0169}" = 
Platform "{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{56BA241F-580C-43D2-8403-947241AAE633}" = center "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7B63B2922B174135AFC0E1377DD81EC2}" = "{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch "{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials "{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr "{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq "{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software "{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "CCleaner" = CCleaner "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.20.12.00 "ie8" = Windows Internet Explorer 8 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "Lexmark Supplies Monitor" = Lexmark Supplies Monitor "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mobile Partner" = Mobile Partner "Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "o2DE" = Mobile Connection Manager "ULTIMATER" = Microsoft Office Ultimate 2007 "VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program "VLC media player" = VLC media player 2.0.4 "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" 
= Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 29.08.2010 08:48:00 | Computer Name = NINE | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 29.08.2010 08:48:15 | Computer Name = NINE | Source = crypt32 | ID = 131080 Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . Error - 04.09.2010 05:01:36 | Computer Name = NINE | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 04.09.2010 05:01:36 | Computer Name = NINE | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . 
Error - 04.09.2010 05:01:51 | Computer Name = NINE | Source = crypt32 | ID = 131080 Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . Error - 19.09.2010 07:25:52 | Computer Name = NINE | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung WINWORD.EXE, Version 12.0.4518.1014, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 19.09.2010 07:25:52 | Computer Name = NINE | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung WINWORD.EXE, Version 12.0.4518.1014, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 19.09.2010 12:26:48 | Computer Name = NINE | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 19.09.2010 12:26:48 | Computer Name = NINE | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . 
Error - 19.09.2010 12:27:03 | Computer Name = NINE | Source = crypt32 | ID = 131080 Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . [ System Events ] Error - 07.02.2013 11:55:29 | Computer Name = NINE | Source = DCOM | ID = 10010 Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error - 07.02.2013 11:59:20 | Computer Name = NINE | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Scutum50 NDIS Protocol Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 08.02.2013 09:16:58 | Computer Name = NINE | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Scutum50 NDIS Protocol Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 08.02.2013 10:24:23 | Computer Name = NINE | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Scutum50 NDIS Protocol Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 08.02.2013 10:25:20 | Computer Name = NINE | Source = Cdrom | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom2 gefunden. Error - 08.02.2013 10:25:21 | Computer Name = NINE | Source = Cdrom | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom2 gefunden. Error - 08.02.2013 10:26:27 | Computer Name = NINE | Source = Cdrom | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom2 gefunden. Error - 08.02.2013 10:26:55 | Computer Name = NINE | Source = Cdrom | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom2 gefunden. 
Error - 08.02.2013 10:28:24 | Computer Name = NINE | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\D gefunden. Error - 10.02.2013 15:26:05 | Computer Name = NINE | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Scutum50 NDIS Protocol Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > [/CODE] [/CODE] |
11.02.2013, 09:35 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA Trojan XP desktop lock even in safe mode Please now create logs with GMER (<<< click for instructions) and aswMBR (instructions a little further down) and post them. GMER crashes fairly often; if the tool still refuses to run on the second attempt, just skip it and run only aswMBR. Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
__________________ Please always post log files in CODE tags |
11.02.2013, 18:49 | #11 |
| BKA Trojan XP desktop lock even in safe mode [CODE] GMER Logfile: Code:
GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-02-11 16:57:05
Windows 5.1.2600 Service Pack 2 \Device\Harddisk1\DR3 -> \Device\Ide\IdePort0 ________ rev.1100 0,00MB
Running: gmer_2.0.18454.exe; Driver: G:\DOKUME~1\Janine\LOKALE~1\Temp\pxtdqpow.sys

---- User code sections - GMER 2.0 ----

.text G:\Programme\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!CreateWindowExW 77D21AD5 5 Bytes JMP 01234832 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!DialogBoxParamW 77D26702 5 Bytes JMP 01159315 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!DialogBoxParamA 77D288E1 5 Bytes JMP 0134DFBE G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!DialogBoxIndirectParamW 77D32598 5 Bytes JMP 0134E021 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!MessageBoxIndirectA 77D3AEF1 5 Bytes JMP 0134DF51 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!MessageBoxExW 77D50559 5 Bytes JMP 0134DE22 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!MessageBoxExA 77D5057D 5 Bytes JMP 0134DE84 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!DialogBoxIndirectParamA 77D56CED 5 Bytes JMP 0134E084 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[356] USER32.dll!MessageBoxIndirectW 77D660B7 5 Bytes JMP 0134DEE6 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!CallNextHookEx 77D1ED6E 5 Bytes JMP 0122DD81 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!CreateWindowExW 77D21AD5 5 Bytes JMP 01234832 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!DialogBoxParamW 77D26702 5 Bytes JMP 01159315 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!DialogBoxParamA 77D288E1 5 Bytes JMP 0134DFBE G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!DialogBoxIndirectParamW 77D32598 5 Bytes JMP 0134E021 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!MessageBoxIndirectA 77D3AEF1 5 Bytes JMP 0134DF51 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!SetWindowsHookExW 77D3E621 5 Bytes JMP 0122DBCB G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!UnhookWindowsHookEx 77D3F29F 5 Bytes JMP 01191CA2 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!MessageBoxExW 77D50559 5 Bytes JMP 0134DE22 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!MessageBoxExA 77D5057D 5 Bytes JMP 0134DE84 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!DialogBoxIndirectParamA 77D56CED 5 Bytes JMP 0134E084 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] USER32.dll!MessageBoxIndirectW 77D660B7 5 Bytes JMP 0134DEE6 G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] ole32.dll!CoCreateInstance 774F6009 5 Bytes JMP 0123488E G:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 2.0 ----

IAT G:\Programme\Internet Explorer\IEXPLORE.EXE[1348] @ G:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00C718FD] G:\Programme\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Disk sectors - GMER 2.0 ----

Disk \Device\Harddisk1\DR3 sector 00: rootkit-like behavior

---- EOF - GMER 2.0 ----

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-11 17:23:39
-----------------------------
17:23:39.687 OS Version: Windows 5.1.2600 Service Pack 2
17:23:39.687 Number of processors: 1 586 0x602
17:23:39.687 ComputerName: NINE UserName:
17:23:40.156 Initialize success
18:26:52.318 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:26:52.318 Disk 0 Vendor: IC35L040AVVN07-0 VA2OAF0C Size: 39266MB BusType: 3
18:26:52.318 Disk 1 MBR read successfully
18:26:52.318 Disk 1 MBR scan
18:26:52.318 Disk 1 Windows XP default MBR code
18:26:52.318 Disk 1 MBR hidden
18:26:52.334 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 24011 MB offset 63
18:26:52.334 Disk 1 Partition - 00 0F Extended LBA 15249 MB offset 49174965
18:26:52.349 Disk 1 Partition 2 00 0B FAT32 MSWIN4.1 15249 MB offset 49175028
18:26:52.412 Disk 1 scanning G:\WINDOWS\system32\drivers
18:27:00.553 Service scanning
18:27:15.224 Modules scanning
18:28:08.099 Disk 1 trace - called modules:
18:28:08.099 ntoskrnl.exe CLASSPNP.SYS disk.sys hal.dll
18:28:08.631 1 nt!IofCallDriver -> \Device\Harddisk1\DR5[0x81f05030]
18:28:08.631 Scan finished successfully
18:33:55.287 Disk 1 MBR has been saved successfully to "G:\Dokumente und Einstellungen\Janine\Desktop\MBR.dat"
18:33:55.287 The log file has been saved successfully to "G:\Dokumente und Einstellungen\Janine\Desktop\aswMBR.txt" |
11.02.2013, 23:35 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA Trojan XP desktop lock, also in safe mode Hm, please run the TDSS-Killer: download TDSSKiller.exe and save the file to your desktop
__________________ Please always post logfiles in CODE tags |
12.02.2013, 21:13 | #13 |
| BKA Trojan XP desktop lock, also in safe mode no threats found! |
13.02.2013, 10:58 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA Trojan XP desktop lock, also in safe mode Please always post the logs from the tools I instruct you to run in full and in CODE tags
__________________ Please always post logfiles in CODE tags |
13.02.2013, 11:20 | #15 |
| BKA Trojan XP desktop lock, also in safe mode Code:
ATTFilter 21:09:11.0718 2360 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 21:09:11.0750 2360 ============================================================ 21:09:11.0750 2360 Current date / time: 2013/02/12 21:09:11.0750 21:09:11.0750 2360 SystemInfo: 21:09:11.0750 2360 21:09:11.0750 2360 OS Version: 5.1.2600 ServicePack: 2.0 21:09:11.0750 2360 Product type: Workstation 21:09:11.0750 2360 ComputerName: NINE 21:09:11.0750 2360 UserName: Janine 21:09:11.0750 2360 Windows directory: G:\WINDOWS 21:09:11.0750 2360 System windows directory: G:\WINDOWS 21:09:11.0750 2360 Processor architecture: Intel x86 21:09:11.0750 2360 Number of processors: 1 21:09:11.0750 2360 Page size: 0x1000 21:09:11.0750 2360 Boot type: Normal boot 21:09:11.0750 2360 ============================================================ 21:09:13.0265 2360 Drive \Device\Harddisk0\DR0 - Size: 0x9962B8000 (38.35 Gb), SectorSize: 0x200, Cylinders: 0x138D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 21:09:13.0265 2360 Drive \Device\Harddisk1\DR3 - Size: 0xF1800000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 21:09:13.0281 2360 ============================================================ 21:09:13.0281 2360 \Device\Harddisk0\DR0: 21:09:13.0281 2360 MBR partitions: 21:09:13.0281 2360 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2EE5976 21:09:13.0296 2360 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x2EE59F4, BlocksNum 0x1DC8959 21:09:13.0296 2360 \Device\Harddisk1\DR3: 21:09:13.0296 2360 MBR partitions: 21:09:13.0296 2360 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x78BFC1 21:09:13.0296 2360 ============================================================ 21:09:13.0296 2360 D: <-> \Device\Harddisk0\DR0\Partition2 21:09:13.0359 2360 G: <-> \Device\Harddisk0\DR0\Partition1 21:09:13.0359 2360 
============================================================ 21:09:13.0359 2360 Initialize success 21:09:13.0359 2360 ============================================================ 21:09:19.0781 2384 ============================================================ 21:09:19.0781 2384 Scan started 21:09:19.0781 2384 Mode: Manual; 21:09:19.0781 2384 ============================================================ 21:09:20.0078 2384 ================ Scan system memory ======================== 21:09:21.0921 2384 System memory - ok 21:09:21.0937 2384 ================ Scan services ============================= 21:09:22.0140 2384 Abiosdsk - ok 21:09:22.0156 2384 abp480n5 - ok 21:09:22.0234 2384 [ 94B4741D2CF9ED38140B831293D1601A ] ACPI G:\WINDOWS\system32\DRIVERS\ACPI.sys 21:09:22.0234 2384 ACPI - ok 21:09:22.0296 2384 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC G:\WINDOWS\system32\drivers\ACPIEC.sys 21:09:22.0296 2384 ACPIEC - ok 21:09:22.0343 2384 adpu160m - ok 21:09:22.0406 2384 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec G:\WINDOWS\system32\drivers\aec.sys 21:09:22.0406 2384 aec - ok 21:09:22.0484 2384 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD G:\WINDOWS\System32\drivers\afd.sys 21:09:22.0484 2384 AFD - ok 21:09:22.0515 2384 Aha154x - ok 21:09:22.0546 2384 aic78u2 - ok 21:09:22.0578 2384 aic78xx - ok 21:09:22.0640 2384 [ 1AAB6C5F8376357CB9B16C38C42C4076 ] Alerter G:\WINDOWS\system32\alrsvc.dll 21:09:22.0640 2384 Alerter - ok 21:09:22.0687 2384 [ 6596DD260FFDE1BDC994C1DF236307BB ] ALG G:\WINDOWS\System32\alg.exe 21:09:22.0687 2384 ALG - ok 21:09:22.0734 2384 AliIde - ok 21:09:22.0765 2384 [ FBF9FFB0B638DF1448821BD0ACEEB780 ] AmdK7 G:\WINDOWS\system32\DRIVERS\amdk7.sys 21:09:22.0765 2384 AmdK7 - ok 21:09:22.0828 2384 amsint - ok 21:09:22.0859 2384 AppMgmt - ok 21:09:22.0890 2384 asc - ok 21:09:22.0921 2384 asc3350p - ok 21:09:22.0953 2384 asc3550 - ok 21:09:23.0078 2384 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state G:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 
21:09:23.0109 2384 aspnet_state - ok 21:09:23.0171 2384 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac G:\WINDOWS\system32\DRIVERS\asyncmac.sys 21:09:23.0171 2384 AsyncMac - ok 21:09:23.0250 2384 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi G:\WINDOWS\system32\DRIVERS\atapi.sys 21:09:23.0250 2384 atapi - ok 21:09:23.0281 2384 Atdisk - ok 21:09:23.0343 2384 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc G:\WINDOWS\system32\DRIVERS\atmarpc.sys 21:09:23.0343 2384 Atmarpc - ok 21:09:23.0406 2384 [ E98B8250398F6637B335A76BA8DFB602 ] AudioSrv G:\WINDOWS\System32\audiosrv.dll 21:09:23.0406 2384 AudioSrv - ok 21:09:23.0468 2384 [ D9F724AA26C010A217C97606B160ED68 ] audstub G:\WINDOWS\system32\DRIVERS\audstub.sys 21:09:23.0468 2384 audstub - ok 21:09:23.0546 2384 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep G:\WINDOWS\system32\drivers\Beep.sys 21:09:23.0546 2384 Beep - ok 21:09:23.0625 2384 [ 3A5E54A9AB96EF2D273B58136FB58EFE ] BITS G:\WINDOWS\system32\qmgr.dll 21:09:23.0640 2384 BITS - ok 21:09:23.0687 2384 [ D8653DCD80CF2EBB333FC4FCC43A7DEF ] Browser G:\WINDOWS\System32\browser.dll 21:09:23.0687 2384 Browser - ok 21:09:23.0750 2384 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k G:\WINDOWS\system32\drivers\cbidf2k.sys 21:09:23.0750 2384 cbidf2k - ok 21:09:23.0781 2384 cd20xrnt - ok 21:09:23.0859 2384 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio G:\WINDOWS\system32\drivers\Cdaudio.sys 21:09:23.0859 2384 Cdaudio - ok 21:09:23.0921 2384 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs G:\WINDOWS\system32\drivers\Cdfs.sys 21:09:23.0937 2384 Cdfs - ok 21:09:23.0984 2384 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom G:\WINDOWS\system32\DRIVERS\cdrom.sys 21:09:23.0984 2384 Cdrom - ok 21:09:24.0015 2384 Changer - ok 21:09:24.0078 2384 [ 234D52C63C67A8CF4AF9BECCE43BFB4A ] CiSvc G:\WINDOWS\system32\cisvc.exe 21:09:24.0078 2384 CiSvc - ok 21:09:24.0109 2384 [ 0461868578D29DC18FB1C79933C5158A ] ClipSrv G:\WINDOWS\system32\clipsrv.exe 21:09:24.0109 2384 ClipSrv - ok 21:09:24.0187 2384 [ 
3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 G:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:09:24.0234 2384 clr_optimization_v2.0.50727_32 - ok 21:09:24.0312 2384 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 G:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:09:24.0375 2384 clr_optimization_v4.0.30319_32 - ok 21:09:24.0406 2384 CmdIde - ok 21:09:24.0437 2384 COMSysApp - ok 21:09:24.0500 2384 Cpqarray - ok 21:09:24.0562 2384 [ 1A5F9DB98DF7955B4C7CBDBF2C638238 ] CryptSvc G:\WINDOWS\System32\cryptsvc.dll 21:09:24.0562 2384 CryptSvc - ok 21:09:24.0609 2384 dac2w2k - ok 21:09:24.0640 2384 dac960nt - ok 21:09:24.0718 2384 [ 9F28FF58D6D67B123272869D89D14004 ] DcomLaunch G:\WINDOWS\system32\rpcss.dll 21:09:24.0734 2384 DcomLaunch - ok 21:09:24.0859 2384 [ CC8B5C964B777F4EC3E89F13B4B5FF0F ] DCService.exe G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\DCService.exe 21:09:24.0875 2384 DCService.exe - ok 21:09:24.0937 2384 [ 69F986B2688BA95A0D9362B0E233D5FF ] Dhcp G:\WINDOWS\System32\dhcpcsvc.dll 21:09:24.0937 2384 Dhcp - ok 21:09:24.0984 2384 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk G:\WINDOWS\system32\DRIVERS\disk.sys 21:09:24.0984 2384 Disk - ok 21:09:25.0015 2384 dmadmin - ok 21:09:25.0093 2384 [ 5789B83BA87FC84C3568CF86CACEF8CE ] dmboot G:\WINDOWS\system32\drivers\dmboot.sys 21:09:25.0125 2384 dmboot - ok 21:09:25.0171 2384 [ 084EB0A50A4F7B4705C8A57F234E5291 ] dmio G:\WINDOWS\system32\drivers\dmio.sys 21:09:25.0187 2384 dmio - ok 21:09:25.0234 2384 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload G:\WINDOWS\system32\drivers\dmload.sys 21:09:25.0234 2384 dmload - ok 21:09:25.0281 2384 [ FA2D9D1A9F6B5A88D01E1685CE2378BA ] dmserver G:\WINDOWS\System32\dmserver.dll 21:09:25.0281 2384 dmserver - ok 21:09:25.0343 2384 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic G:\WINDOWS\system32\drivers\DMusic.sys 21:09:25.0343 2384 DMusic - ok 21:09:25.0421 2384 [ D1F5B71BBAEEE07B78980DBD878C0BC7 ] 
Dnscache G:\WINDOWS\System32\dnsrslvr.dll 21:09:25.0421 2384 Dnscache - ok 21:09:25.0453 2384 dpti2o - ok 21:09:25.0484 2384 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud G:\WINDOWS\system32\drivers\drmkaud.sys 21:09:25.0484 2384 drmkaud - ok 21:09:25.0531 2384 [ 877A4512CC9074D6954776AF47021766 ] ERSvc G:\WINDOWS\System32\ersvc.dll 21:09:25.0546 2384 ERSvc - ok 21:09:25.0578 2384 [ EDB6B81761BD60F32F740BBC40AFB676 ] Eventlog G:\WINDOWS\system32\services.exe 21:09:25.0593 2384 Eventlog - ok 21:09:25.0640 2384 [ 4E1A8645EE77CB9454FFE53C59620A25 ] EventSystem G:\WINDOWS\system32\es.dll 21:09:25.0656 2384 EventSystem - ok 21:09:25.0718 2384 [ A52794C010C6DF5B4BC70C4AB5E04088 ] ewusbnet G:\WINDOWS\system32\DRIVERS\ewusbnet.sys 21:09:25.0718 2384 ewusbnet - ok 21:09:25.0765 2384 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev G:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys 21:09:25.0765 2384 ew_hwusbdev - ok 21:09:25.0843 2384 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat G:\WINDOWS\system32\drivers\Fastfat.sys 21:09:25.0859 2384 Fastfat - ok 21:09:25.0921 2384 [ BAC5F7F0C2B8C1B9832594851E0F9914 ] FastUserSwitchingCompatibility G:\WINDOWS\System32\shsvcs.dll 21:09:25.0953 2384 FastUserSwitchingCompatibility - ok 21:09:26.0000 2384 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc G:\WINDOWS\system32\DRIVERS\fdc.sys 21:09:26.0000 2384 Fdc - ok 21:09:26.0062 2384 [ 8787449F8EF116DB0E8E06C3555746A7 ] FET5X86V G:\WINDOWS\system32\DRIVERS\fetnd5bv.sys 21:09:26.0062 2384 FET5X86V - ok 21:09:26.0125 2384 [ E9648254056BCE81A85380C0C3647DC4 ] FETNDIS G:\WINDOWS\system32\DRIVERS\fetnd5.sys 21:09:26.0125 2384 FETNDIS - ok 21:09:26.0203 2384 [ 9E9AF89F9B14AA6249065C309CE73BD8 ] Fips G:\WINDOWS\system32\drivers\Fips.sys 21:09:26.0203 2384 Fips - ok 21:09:26.0265 2384 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk G:\WINDOWS\system32\DRIVERS\flpydisk.sys 21:09:26.0265 2384 Flpydisk - ok 21:09:26.0343 2384 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr G:\WINDOWS\system32\drivers\fltmgr.sys 
21:09:26.0343 2384 FltMgr - ok 21:09:26.0375 2384 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec G:\WINDOWS\system32\drivers\Fs_Rec.sys 21:09:26.0375 2384 Fs_Rec - ok 21:09:26.0421 2384 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk G:\WINDOWS\system32\DRIVERS\ftdisk.sys 21:09:26.0437 2384 Ftdisk - ok 21:09:26.0468 2384 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc G:\WINDOWS\system32\DRIVERS\msgpc.sys 21:09:26.0468 2384 Gpc - ok 21:09:26.0531 2384 [ BA85BCF1A2BCF927C3600574173403E0 ] helpsvc G:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 21:09:26.0531 2384 helpsvc - ok 21:09:26.0593 2384 [ B647CA198B9C73056ABFB0A9D8F4916D ] HidServ G:\WINDOWS\System32\hidserv.dll 21:09:26.0593 2384 HidServ - ok 21:09:26.0640 2384 [ 1DE6783B918F540149AA69943BDFEBA8 ] hidusb G:\WINDOWS\system32\DRIVERS\hidusb.sys 21:09:26.0640 2384 hidusb - ok 21:09:26.0687 2384 hpn - ok 21:09:26.0765 2384 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP G:\WINDOWS\system32\Drivers\HTTP.sys 21:09:26.0765 2384 HTTP - ok 21:09:26.0812 2384 [ 9EC7E866BBDBF3ECC0E67F4E0A838EB2 ] HTTPFilter G:\WINDOWS\System32\w3ssl.dll 21:09:26.0828 2384 HTTPFilter - ok 21:09:26.0875 2384 [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator G:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys 21:09:26.0875 2384 huawei_enumerator - ok 21:09:26.0921 2384 [ 1F40368DC40B17DE3FA0FBE8A9D82F9E ] hwdatacard G:\WINDOWS\system32\DRIVERS\ewusbmdm.sys 21:09:26.0921 2384 hwdatacard - ok 21:09:26.0968 2384 hwusbdev - ok 21:09:27.0000 2384 i2omgmt - ok 21:09:27.0031 2384 i2omp - ok 21:09:27.0078 2384 [ 7C575018D0413440D75432A78B88C899 ] i8042prt G:\WINDOWS\system32\DRIVERS\i8042prt.sys 21:09:27.0078 2384 i8042prt - ok 21:09:27.0140 2384 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi G:\WINDOWS\system32\DRIVERS\imapi.sys 21:09:27.0140 2384 Imapi - ok 21:09:27.0203 2384 [ 57D7267A9ED91ECAF4336B08C9628FCA ] ImapiService G:\WINDOWS\system32\imapi.exe 21:09:27.0203 2384 ImapiService - ok 21:09:27.0250 2384 ini910u - ok 21:09:27.0296 2384 IntelIde - ok 21:09:27.0359 
2384 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw G:\WINDOWS\system32\drivers\ip6fw.sys 21:09:27.0359 2384 Ip6Fw - ok 21:09:27.0406 2384 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver G:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 21:09:27.0421 2384 IpFilterDriver - ok 21:09:27.0421 2384 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp G:\WINDOWS\system32\DRIVERS\ipinip.sys 21:09:27.0437 2384 IpInIp - ok 21:09:27.0484 2384 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat G:\WINDOWS\system32\DRIVERS\ipnat.sys 21:09:27.0500 2384 IpNat - ok 21:09:27.0562 2384 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec G:\WINDOWS\system32\DRIVERS\ipsec.sys 21:09:27.0562 2384 IPSec - ok 21:09:27.0625 2384 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM G:\WINDOWS\system32\DRIVERS\irenum.sys 21:09:27.0625 2384 IRENUM - ok 21:09:27.0703 2384 [ CE9B7AFDF0A3D7DD8D1487262316B959 ] isapnp G:\WINDOWS\system32\DRIVERS\isapnp.sys 21:09:27.0703 2384 isapnp - ok 21:09:27.0765 2384 [ B128FC0A5CD83F669D5DE4B58F77C7D6 ] Kbdclass G:\WINDOWS\system32\DRIVERS\kbdclass.sys 21:09:27.0765 2384 Kbdclass - ok 21:09:27.0843 2384 [ 7EC877AA899323B92874FE62C7DDCDE7 ] kbdhid G:\WINDOWS\system32\DRIVERS\kbdhid.sys 21:09:27.0843 2384 kbdhid - ok 21:09:27.0890 2384 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer G:\WINDOWS\system32\drivers\kmixer.sys 21:09:27.0906 2384 kmixer - ok 21:09:28.0093 2384 [ 613CC08496F1FA91FB43303FB65D37C6 ] Kodak AiO Network Discovery Service G:\Programme\Kodak\AiO\Center\EKAiOHostService.exe 21:09:28.0109 2384 Kodak AiO Network Discovery Service - ok 21:09:28.0156 2384 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD G:\WINDOWS\system32\drivers\KSecDD.sys 21:09:28.0171 2384 KSecDD - ok 21:09:28.0218 2384 [ F8170AA51CD202BC062B8A0983F361B7 ] lanmanserver G:\WINDOWS\System32\srvsvc.dll 21:09:28.0234 2384 lanmanserver - ok 21:09:28.0281 2384 [ 36D74668F5448D55887FA3958488DC06 ] lanmanworkstation G:\WINDOWS\System32\wkssvc.dll 21:09:28.0296 2384 lanmanworkstation - ok 21:09:28.0328 2384 lbrtfdc - ok 21:09:28.0390 
2384 [ 4C25FADD7FE1D5BD779B20D3D0EB8D7C ] LmHosts G:\WINDOWS\System32\lmhsvc.dll 21:09:28.0390 2384 LmHosts - ok 21:09:28.0453 2384 [ E5215AB942C5AC5F7EB0E54871D7A27C ] Messenger G:\WINDOWS\System32\msgsvc.dll 21:09:28.0453 2384 Messenger - ok 21:09:28.0546 2384 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service D:\Office12\GrooveAuditService.exe 21:09:28.0546 2384 Microsoft Office Groove Audit Service - ok 21:09:28.0609 2384 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd G:\WINDOWS\system32\drivers\mnmdd.sys 21:09:28.0609 2384 mnmdd - ok 21:09:28.0671 2384 [ BB2470D20405B272EA47CA5E18F1C58E ] mnmsrvc G:\WINDOWS\system32\mnmsrvc.exe 21:09:28.0671 2384 mnmsrvc - ok 21:09:28.0703 2384 [ 91A3DA4B12F6F1D760463A7F7857F748 ] Modem G:\WINDOWS\system32\drivers\Modem.sys 21:09:28.0703 2384 Modem - ok 21:09:28.0734 2384 [ 71E15CA47FD947552054AFB28536268F ] Mouclass G:\WINDOWS\system32\DRIVERS\mouclass.sys 21:09:28.0750 2384 Mouclass - ok 21:09:28.0796 2384 [ 66A6F73C74E1791464160A7065CE711A ] mouhid G:\WINDOWS\system32\DRIVERS\mouhid.sys 21:09:28.0796 2384 mouhid - ok 21:09:28.0828 2384 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr G:\WINDOWS\system32\drivers\MountMgr.sys 21:09:28.0828 2384 MountMgr - ok 21:09:28.0859 2384 mraid35x - ok 21:09:28.0890 2384 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV G:\WINDOWS\system32\DRIVERS\mrxdav.sys 21:09:28.0906 2384 MRxDAV - ok 21:09:28.0953 2384 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb G:\WINDOWS\system32\DRIVERS\mrxsmb.sys 21:09:28.0968 2384 MRxSmb - ok 21:09:29.0046 2384 [ D059F9C7752EF461476E83180DAA5C62 ] MSDTC G:\WINDOWS\system32\msdtc.exe 21:09:29.0046 2384 MSDTC - ok 21:09:29.0125 2384 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs G:\WINDOWS\system32\drivers\Msfs.sys 21:09:29.0125 2384 Msfs - ok 21:09:29.0140 2384 MSIServer - ok 21:09:29.0187 2384 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV G:\WINDOWS\system32\drivers\MSKSSRV.sys 21:09:29.0187 2384 MSKSSRV - ok 21:09:29.0234 2384 [ 
13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK G:\WINDOWS\system32\drivers\MSPCLOCK.sys 21:09:29.0234 2384 MSPCLOCK - ok 21:09:29.0265 2384 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM G:\WINDOWS\system32\drivers\MSPQM.sys 21:09:29.0265 2384 MSPQM - ok 21:09:29.0328 2384 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios G:\WINDOWS\system32\DRIVERS\mssmbios.sys 21:09:29.0328 2384 mssmbios - ok 21:09:29.0375 2384 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup G:\WINDOWS\system32\drivers\Mup.sys 21:09:29.0375 2384 Mup - ok 21:09:29.0421 2384 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS G:\WINDOWS\system32\drivers\NDIS.sys 21:09:29.0421 2384 NDIS - ok 21:09:29.0453 2384 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi G:\WINDOWS\system32\DRIVERS\ndistapi.sys 21:09:29.0453 2384 NdisTapi - ok 21:09:29.0531 2384 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio G:\WINDOWS\system32\DRIVERS\ndisuio.sys 21:09:29.0531 2384 Ndisuio - ok 21:09:29.0562 2384 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan G:\WINDOWS\system32\DRIVERS\ndiswan.sys 21:09:29.0562 2384 NdisWan - ok 21:09:29.0593 2384 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy G:\WINDOWS\system32\drivers\NDProxy.sys 21:09:29.0593 2384 NDProxy - ok 21:09:29.0625 2384 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS G:\WINDOWS\system32\DRIVERS\netbios.sys 21:09:29.0625 2384 NetBIOS - ok 21:09:29.0656 2384 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT G:\WINDOWS\system32\DRIVERS\netbt.sys 21:09:29.0671 2384 NetBT - ok 21:09:29.0718 2384 [ F4EFF57254F565F39B6029150414A0D5 ] NetDDE G:\WINDOWS\system32\netdde.exe 21:09:29.0718 2384 NetDDE - ok 21:09:29.0750 2384 [ F4EFF57254F565F39B6029150414A0D5 ] NetDDEdsdm G:\WINDOWS\system32\netdde.exe 21:09:29.0765 2384 NetDDEdsdm - ok 21:09:29.0796 2384 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] Netlogon G:\WINDOWS\system32\lsass.exe 21:09:29.0812 2384 Netlogon - ok 21:09:29.0859 2384 [ CDF4DA6B518105343FE9E8AFBBF8FBF4 ] Netman G:\WINDOWS\System32\netman.dll 21:09:29.0859 2384 Netman - ok 21:09:29.0906 2384 [ 
D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing G:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:09:29.0906 2384 NetTcpPortSharing - ok 21:09:29.0968 2384 [ B36E08F680BAE4DFC5C24D00A2DFC9E7 ] Nla G:\WINDOWS\System32\mswsock.dll 21:09:29.0968 2384 Nla - ok 21:09:30.0015 2384 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs G:\WINDOWS\system32\drivers\Npfs.sys 21:09:30.0015 2384 Npfs - ok 21:09:30.0093 2384 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs G:\WINDOWS\system32\drivers\Ntfs.sys 21:09:30.0109 2384 Ntfs - ok 21:09:30.0140 2384 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] NtLmSsp G:\WINDOWS\system32\lsass.exe 21:09:30.0140 2384 NtLmSsp - ok 21:09:30.0234 2384 [ 428AA946A8D9F32DBB4260C8E6E13377 ] NtmsSvc G:\WINDOWS\system32\ntmssvc.dll 21:09:30.0250 2384 NtmsSvc - ok 21:09:30.0296 2384 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null G:\WINDOWS\system32\drivers\Null.sys 21:09:30.0296 2384 Null - ok 21:09:30.0421 2384 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv G:\WINDOWS\system32\DRIVERS\nv4_mini.sys 21:09:30.0500 2384 nv - ok 21:09:30.0562 2384 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt G:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 21:09:30.0562 2384 NwlnkFlt - ok 21:09:30.0593 2384 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd G:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 21:09:30.0593 2384 NwlnkFwd - ok 21:09:30.0687 2384 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv G:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE 21:09:30.0703 2384 odserv - ok 21:09:30.0781 2384 [ 5A432A042DAE460ABE7199B758E8606C ] ose G:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 21:09:30.0781 2384 ose - ok 21:09:30.0875 2384 [ B2F17A2EDB5450E61973A037F63A595B ] Parport G:\WINDOWS\system32\DRIVERS\parport.sys 21:09:30.0890 2384 Parport - ok 21:09:30.0921 2384 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr G:\WINDOWS\system32\drivers\PartMgr.sys 21:09:30.0921 2384 PartMgr - ok 21:09:30.0984 2384 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm 
G:\WINDOWS\system32\drivers\ParVdm.sys 21:09:30.0984 2384 ParVdm - ok 21:09:31.0031 2384 [ 6FB463E5B243FBD6F3D3C83F914D94FB ] PCI G:\WINDOWS\system32\DRIVERS\pci.sys 21:09:31.0031 2384 PCI - ok 21:09:31.0062 2384 PCIDump - ok 21:09:31.0109 2384 PCIIde - ok 21:09:31.0171 2384 [ E2363F4C1DAFF89ABEE5F593E13D8A05 ] Pcmcia G:\WINDOWS\system32\drivers\Pcmcia.sys 21:09:31.0171 2384 Pcmcia - ok 21:09:31.0187 2384 PDCOMP - ok 21:09:31.0218 2384 PDFRAME - ok 21:09:31.0250 2384 PDRELI - ok 21:09:31.0281 2384 PDRFRAME - ok 21:09:31.0312 2384 perc2 - ok 21:09:31.0343 2384 perc2hib - ok 21:09:31.0437 2384 [ EDB6B81761BD60F32F740BBC40AFB676 ] PlugPlay G:\WINDOWS\system32\services.exe 21:09:31.0453 2384 PlugPlay - ok 21:09:31.0484 2384 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] PolicyAgent G:\WINDOWS\system32\lsass.exe 21:09:31.0484 2384 PolicyAgent - ok 21:09:31.0515 2384 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport G:\WINDOWS\system32\DRIVERS\raspptp.sys 21:09:31.0515 2384 PptpMiniport - ok 21:09:31.0546 2384 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] ProtectedStorage G:\WINDOWS\system32\lsass.exe 21:09:31.0546 2384 ProtectedStorage - ok 21:09:31.0578 2384 [ 48671F327553DCF1D27F6197F622A668 ] PSched G:\WINDOWS\system32\DRIVERS\psched.sys 21:09:31.0578 2384 PSched - ok 21:09:31.0609 2384 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink G:\WINDOWS\system32\DRIVERS\ptilink.sys 21:09:31.0625 2384 Ptilink - ok 21:09:31.0640 2384 ql1080 - ok 21:09:31.0656 2384 Ql10wnt - ok 21:09:31.0687 2384 ql12160 - ok 21:09:31.0718 2384 ql1240 - ok 21:09:31.0750 2384 ql1280 - ok 21:09:31.0812 2384 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd G:\WINDOWS\system32\DRIVERS\rasacd.sys 21:09:31.0812 2384 RasAcd - ok 21:09:31.0906 2384 [ E3C6E87C1F84584A773D7C3DD205DBFF ] RasAuto G:\WINDOWS\System32\rasauto.dll 21:09:31.0906 2384 RasAuto - ok 21:09:31.0968 2384 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp G:\WINDOWS\system32\DRIVERS\rasl2tp.sys 21:09:31.0968 2384 Rasl2tp - ok 21:09:32.0015 2384 [ 
A5D2D745A2AEFA327DCA6DA317B5FD70 ] RasMan G:\WINDOWS\System32\rasmans.dll 21:09:32.0015 2384 RasMan - ok 21:09:32.0046 2384 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe G:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:09:32.0046 2384 RasPppoe - ok 21:09:32.0093 2384 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti G:\WINDOWS\system32\DRIVERS\raspti.sys 21:09:32.0093 2384 Raspti - ok 21:09:32.0140 2384 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss G:\WINDOWS\system32\DRIVERS\rdbss.sys 21:09:32.0156 2384 Rdbss - ok 21:09:32.0187 2384 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD G:\WINDOWS\system32\DRIVERS\RDPCDD.sys 21:09:32.0187 2384 RDPCDD - ok 21:09:32.0296 2384 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD G:\WINDOWS\system32\drivers\RDPWD.sys 21:09:32.0312 2384 RDPWD - ok 21:09:32.0359 2384 [ AEC159942DF64A9890072D7BB1797762 ] RDSessMgr G:\WINDOWS\system32\sessmgr.exe 21:09:32.0359 2384 RDSessMgr - ok 21:09:32.0421 2384 [ AA56702E230860565CB8D43680F57F33 ] redbook G:\WINDOWS\system32\DRIVERS\redbook.sys 21:09:32.0421 2384 redbook - ok 21:09:32.0500 2384 [ EBA80CDF25E02084857957E820004934 ] RemoteAccess G:\WINDOWS\System32\mprdim.dll 21:09:32.0500 2384 RemoteAccess - ok 21:09:32.0562 2384 [ DA23F9F3F1B1871120F980A6879581AC ] RpcLocator G:\WINDOWS\system32\locator.exe 21:09:32.0562 2384 RpcLocator - ok 21:09:32.0609 2384 [ 9F28FF58D6D67B123272869D89D14004 ] RpcSs G:\WINDOWS\system32\rpcss.dll 21:09:32.0625 2384 RpcSs - ok 21:09:32.0687 2384 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP G:\WINDOWS\system32\rsvp.exe 21:09:32.0687 2384 RSVP - ok 21:09:32.0734 2384 RT73 - ok 21:09:32.0781 2384 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] SamSs G:\WINDOWS\system32\lsass.exe 21:09:32.0781 2384 SamSs - ok 21:09:32.0843 2384 [ B4CF7B42DE6CFA6FDE7D6AF4DAA55F57 ] SCardSvr G:\WINDOWS\System32\SCardSvr.exe 21:09:32.0859 2384 SCardSvr - ok 21:09:32.0921 2384 [ D5E73842F38E24457C63FEF8CEFFBE19 ] Schedule G:\WINDOWS\system32\schedsvc.dll 21:09:32.0937 2384 Schedule - ok 21:09:32.0984 2384 Scutum50 - ok 
21:09:33.0031 2384 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv G:\WINDOWS\system32\DRIVERS\secdrv.sys 21:09:33.0046 2384 Secdrv - ok 21:09:33.0093 2384 [ FED544B43903FB801B106F062110358A ] seclogon G:\WINDOWS\System32\seclogon.dll 21:09:33.0093 2384 seclogon - ok 21:09:33.0109 2384 [ AB74D986C1DD0D0C95B6AD37EC1E9F4F ] SENS G:\WINDOWS\system32\sens.dll 21:09:33.0109 2384 SENS - ok 21:09:33.0156 2384 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum G:\WINDOWS\system32\DRIVERS\serenum.sys 21:09:33.0156 2384 serenum - ok 21:09:33.0187 2384 [ CD5B9995AFCDB466C9EFC048D167E3BE ] Serial G:\WINDOWS\system32\DRIVERS\serial.sys 21:09:33.0203 2384 Serial - ok 21:09:33.0265 2384 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy G:\WINDOWS\system32\drivers\Sfloppy.sys 21:09:33.0265 2384 Sfloppy - ok 21:09:33.0312 2384 [ 9245420422E409A25C1410ACB4244060 ] SharedAccess G:\WINDOWS\System32\ipnathlp.dll 21:09:33.0328 2384 SharedAccess - ok 21:09:33.0375 2384 [ BAC5F7F0C2B8C1B9832594851E0F9914 ] ShellHWDetection G:\WINDOWS\System32\shsvcs.dll 21:09:33.0375 2384 ShellHWDetection - ok 21:09:33.0406 2384 Simbad - ok 21:09:33.0453 2384 Sparrow - ok 21:09:33.0515 2384 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter G:\WINDOWS\system32\drivers\splitter.sys 21:09:33.0515 2384 splitter - ok 21:09:33.0562 2384 [ 54E7113A4BD696E430919BCAF5C65E06 ] Spooler G:\WINDOWS\system32\spoolsv.exe 21:09:33.0562 2384 Spooler - ok 21:09:33.0625 2384 [ E4200CB2F418D8FC4ACDD7E38C419D6A ] sr G:\WINDOWS\system32\DRIVERS\sr.sys 21:09:33.0640 2384 sr - ok 21:09:33.0703 2384 [ 015F302C4CF961F20C3F98F3A7CA7917 ] srservice G:\WINDOWS\system32\srsvc.dll 21:09:33.0703 2384 srservice - ok 21:09:33.0765 2384 [ 20B7E396720353E4117D64D9DCB926CA ] Srv G:\WINDOWS\system32\DRIVERS\srv.sys 21:09:33.0765 2384 Srv - ok 21:09:33.0828 2384 [ 6FA03B462B2FFFE2627171B7FE73EE29 ] SSDPSRV G:\WINDOWS\System32\ssdpsrv.dll 21:09:33.0843 2384 SSDPSRV - ok 21:09:33.0906 2384 [ 7E751068ADA60FC77638622E86A7CD9E ] stisvc 
G:\WINDOWS\system32\wiaservc.dll 21:09:33.0921 2384 stisvc - ok 21:09:33.0953 2384 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum G:\WINDOWS\system32\DRIVERS\swenum.sys 21:09:33.0953 2384 swenum - ok 21:09:34.0015 2384 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi G:\WINDOWS\system32\drivers\swmidi.sys 21:09:34.0015 2384 swmidi - ok 21:09:34.0031 2384 SwPrv - ok 21:09:34.0078 2384 symc810 - ok 21:09:34.0109 2384 symc8xx - ok 21:09:34.0140 2384 sym_hi - ok 21:09:34.0171 2384 sym_u3 - ok 21:09:34.0203 2384 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio G:\WINDOWS\system32\drivers\sysaudio.sys 21:09:34.0218 2384 sysaudio - ok 21:09:34.0265 2384 [ 6D0C43DF9D3A7C5A9B4F94772CBD5DDC ] SysmonLog G:\WINDOWS\system32\smlogsvc.exe 21:09:34.0265 2384 SysmonLog - ok 21:09:34.0328 2384 [ 4584E2A5FE662AB3E7C32936E1449043 ] TapiSrv G:\WINDOWS\System32\tapisrv.dll 21:09:34.0328 2384 TapiSrv - ok 21:09:34.0390 2384 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip G:\WINDOWS\system32\DRIVERS\tcpip.sys 21:09:34.0406 2384 Tcpip - ok 21:09:34.0468 2384 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE G:\WINDOWS\system32\drivers\TDPIPE.sys 21:09:34.0468 2384 TDPIPE - ok 21:09:34.0515 2384 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP G:\WINDOWS\system32\drivers\TDTCP.sys 21:09:34.0515 2384 TDTCP - ok 21:09:34.0578 2384 [ A540A99C281D933F3D69D55E48727F47 ] TermDD G:\WINDOWS\system32\DRIVERS\termdd.sys 21:09:34.0578 2384 TermDD - ok 21:09:34.0640 2384 [ 1850BC10DE5DCCCEDE063FC2D0F2CEDA ] TermService G:\WINDOWS\System32\termsrv.dll 21:09:34.0656 2384 TermService - ok 21:09:34.0734 2384 [ 46B389E1A1C8E66D877402FC0821A371 ] TGCM_ImportWiFiSvc G:\Programme\o2\Mobile Connection Manager\ImpWiFiSvc.exe 21:09:34.0750 2384 TGCM_ImportWiFiSvc - ok 21:09:34.0796 2384 [ BAC5F7F0C2B8C1B9832594851E0F9914 ] Themes G:\WINDOWS\System32\shsvcs.dll 21:09:34.0796 2384 Themes - ok 21:09:34.0875 2384 [ E27982D1C30AE1DD7EB8EB5CAF8D20C6 ] tidnet G:\WINDOWS\system32\DRIVERS\tidnet.sys 21:09:34.0875 2384 tidnet - ok 21:09:34.0906 2384 
21:09:41.0750 2384 Scan finished
21:09:41.0796 2376 Detected object count: 0
21:09:41.0796 2376 Actual detected object count: 0
21:10:27.0640 2400 Scan started
21:10:27.0640 2400 Mode: Manual;
21:10:47.0093 2400 Scan finished
21:10:47.0156 2392 Detected object count: 0
21:10:47.0156 2392 Actual detected object count: 0
21:10:57.0203 2356 Deinitialize success |