Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Bundestrojaner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 24.02.2013, 11:50   #1
einrapunzel
 
Bundestrojaner - Standard

Bundestrojaner



Habe mir Otl runtergeladen und den Scan sowie den Fix gemacht, wie geh ich jetzt weiter vor?

Alt 24.02.2013, 19:48   #2
markusg
/// Malware-holic
 
Bundestrojaner - Standard

Bundestrojaner



hi klicke in otl auf scan und poste ds Log noch mal bitte
__________________

__________________

Alt 24.02.2013, 22:47   #3
einrapunzel
 
Bundestrojaner - Standard

Bundestrojaner



Code:
ATTFilter
OTL logfile created on: 24.02.2013 21:08:03 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\user\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 65,13% Memory free
3,33 Gb Paging File | 2,70 Gb Available in Paging File | 81,06% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 80,01 Gb Total Space | 58,23 Gb Free Space | 72,77% Space Free | Partition Type: NTFS
Drive D: | 69,00 Gb Total Space | 68,03 Gb Free Space | 98,60% Space Free | Partition Type: NTFS
Drive G: | 7,52 Gb Total Space | 0,70 Gb Free Space | 9,36% Space Free | Partition Type: FAT32
 
Computer Name: NAME-FD00PZU2N3 | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\user\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
PRC - C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe ()
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Programme\Elantech\ETDCTRL.EXE (ELANTECH Devices Corp.)
PRC - C:\Programme\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\Programme\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
MOD - C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Programme\Avira\AntiVir PersonalEdition Classic\sqlite3.dll ()
MOD - C:\WINDOWS\system32\PSIService.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (ALDITALKVerbindungsassistent_Service) -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe ()
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (AntiVirScheduler) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (IviRegMgr) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (ewusbnet) -- C:\WINDOWS\system32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (Netaapl) -- C:\WINDOWS\system32\drivers\netaapl.sys (Apple Inc.)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (RT80x86) -- C:\WINDOWS\system32\drivers\rt2860.sys (Ralink Technology, Corp.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (L1e) -- C:\WINDOWS\system32\drivers\l1e51x86.sys (Atheros Communications, Inc.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (archlp) -- C:\WINDOWS\system32\drivers\archlp.sys ()
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (AsusACPI) -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS (ASUSTeK Computer Inc.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
 
IE - HKU\.DEFAULT\..\SearchScopes\{24A62A83-6394-48FC-BF6C-EF6ABED09DC7}: "URL" = hxxp://www.zumie.com/?prt=ZUMIE152&keywords={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes\{24A62A83-6394-48FC-BF6C-EF6ABED09DC7}: "URL" = hxxp://www.zumie.com/?prt=ZUMIE152&keywords={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.windowsxlive.net
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}&Form=IE8SRC
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\..\SearchScopes\{94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E}: "URL" = hxxp://www.zumie.com/?prt=ZumFreez&keywords={searchTerms}
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: moveplayer%40movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 50970
FF - prefs.js..network.proxy.type: 4
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Programme\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.09 10:01:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Programme\Java\jre6\lib\deploy\jqs\ff [2009.03.28 00:47:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2011.06.04 15:57:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2011.06.04 15:57:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.02.20 13:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.02.21 12:44:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.02.20 13:43:22 | 000,000,000 | ---D | M]
 
[2009.05.18 06:57:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Extensions
[2009.05.18 06:57:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.02.24 03:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\psifmf1e.default\extensions
[2009.09.02 20:26:28 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\psifmf1e.default\extensions\moveplayer@movenetworks.com
[2013.02.24 03:17:20 | 000,020,591 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Mozilla\Firefox\Profiles\psifmf1e.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013.02.13 04:20:51 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.02.21 12:44:29 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.02.21 12:44:28 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2009.07.25 04:23:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeploytk.dll
[2013.02.20 13:43:22 | 000,153,296 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\mozilla firefox\plugins\nppl3260.dll
[2013.02.15 23:11:31 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin.dll
[2013.02.15 23:11:31 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin2.dll
[2013.02.15 23:11:31 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin3.dll
[2013.02.15 23:11:31 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin4.dll
[2013.02.15 23:11:31 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin5.dll
[2013.02.15 23:11:31 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin6.dll
[2013.02.15 23:11:32 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin7.dll
[2013.02.20 13:43:07 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Programme\mozilla firefox\plugins\nprpplugin.dll
[2013.02.01 20:33:32 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.01 20:33:32 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2013.02.01 20:33:32 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.01 20:33:32 | 000,002,669 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\google.xml
[2013.02.01 20:33:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.01 20:33:32 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.01 20:33:32 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U15 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Programme\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX HiQ = C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: Grass = C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla\1.0_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
 
O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\..\Toolbar\ShellBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Programme\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Programme\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Programme\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [conhost] C:\Dokumente und Einstellungen\user\Anwendungsdaten\Microsoft\conhost.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCTRL.EXE (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Programme\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\Rthdcpl.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [5863D912] C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ppwmy\ffnttmkl.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [Agiqmo] C:\Dokumente und Einstellungen\user\Anwendungsdaten\Onco\awep.exe ()
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [cnvztmkl] C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ccwyy\avuggetmkl.exe ()
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [Google Update] C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [ilkjspnm] C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\Zbshrzl\sbsshrispnm.exe ()
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [KB00938642.exe] C:\Dokumente und Einstellungen\user\Anwendungsdaten\KB00938642.exe (Exiland Software)
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [MSMSGS] C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [Personal Desktop] C:\PROGRA~1\SA269F~1.D\PERSON~1\pdesk.exe File not found
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [Real Desktop] "C:\Programme\Real Desktop\Real Desktop.exe" File not found
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [RocketDock] "C:\Programme\RocketDock\RocketDock.exe" File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Launcher.lnk = C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SuperHybridEngine.lnk = C:\Programme\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\user\Startmenü\Programme\Autostart\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
F3 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006 WinNT: Load - (C:\DOKUME~1\user\LOKALE~1\Temp\csrss.exe) -  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CC471DC-772E-43A9-B69D-86059A69626F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006 Winlogon: Shell - (C:\Dokumente und Einstellungen\user\Anwendungsdaten\dwm.exe) -  File not found
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.02.19 22:23:28 | 000,000,000 | ---D | M] - G:\Autogenes Training -- [ FAT32 ]
O33 - MountPoints2\{08a809ce-f624-11dd-a0b2-002243253210}\Shell\AutoRun\command - "" = wscript.exe open_website.vbs
O33 - MountPoints2\{3e8d110a-72c4-11e2-a3d9-002243aff40f}\Shell - "" = AutoRun
O33 - MountPoints2\{3e8d110a-72c4-11e2-a3d9-002243aff40f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3e8d110a-72c4-11e2-a3d9-002243aff40f}\Shell\AutoRun\command - "" = E:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{3fdb1364-737a-11e2-a3da-002243aff40f}\Shell - "" = AutoRun
O33 - MountPoints2\{3fdb1364-737a-11e2-a3da-002243aff40f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3fdb1364-737a-11e2-a3da-002243aff40f}\Shell\AutoRun\command - "" = E:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{5c2904a4-5e8f-11e2-a3b3-002243aff40f}\Shell - "" = AutoRun
O33 - MountPoints2\{5c2904a4-5e8f-11e2-a3b3-002243aff40f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5c2904a4-5e8f-11e2-a3b3-002243aff40f}\Shell\AutoRun\command - "" = E:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{710c01b0-7090-11e2-a3d4-002243aff40f}\Shell - "" = AutoRun
O33 - MountPoints2\{710c01b0-7090-11e2-a3d4-002243aff40f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{710c01b0-7090-11e2-a3d4-002243aff40f}\Shell\AutoRun\command - "" = E:\.\Setup.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.24 11:22:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.02.24 01:55:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ppwmy
[2013.02.22 22:19:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2013.02.22 22:17:57 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2013.02.22 22:17:49 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2013.02.22 22:17:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.02.22 18:04:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Seofu
[2013.02.22 18:04:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Hukea
[2013.02.22 18:04:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Guikab
[2013.02.22 15:00:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Weas
[2013.02.22 15:00:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Fiulon
[2013.02.22 15:00:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Edihox
[2013.02.20 23:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Zura
[2013.02.20 23:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Irihku
[2013.02.20 23:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Axhute
[2013.02.20 13:44:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\RealNetworks
[2013.02.20 13:43:51 | 000,000,000 | ---D | C] -- C:\Programme\RealNetworks
[2013.02.20 13:43:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks
[2013.02.20 13:43:33 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\xing shared
[2013.02.20 13:43:22 | 000,201,424 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013.02.20 13:43:20 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Symantec Shared
[2013.02.20 13:43:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS
[2013.02.20 13:43:08 | 000,000,000 | ---D | C] -- C:\Programme\Norton Security Scan
[2013.02.20 13:43:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton Security Scan
[2013.02.20 13:43:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS\0307020.00A
[2013.02.20 13:43:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2013.02.20 13:43:02 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013.02.20 13:43:01 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013.02.20 13:43:01 | 000,000,000 | ---D | C] -- C:\Programme\NortonInstaller
[2013.02.20 13:43:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
[2013.02.20 13:42:59 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013.02.20 13:42:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RealNetworks
[2013.02.20 13:42:41 | 000,000,000 | ---D | C] -- C:\Programme\Real
[2013.02.20 13:41:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\Real
[2013.02.20 13:41:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Real
[2013.02.20 13:40:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real
[2013.02.15 23:11:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
[2013.02.15 23:10:53 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2013.02.14 00:25:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Desktop\Valentinstag sonder Mp3
[2013.02.14 00:24:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Desktop\14.2
[2013.02.13 10:21:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Viufka
[2013.02.13 10:21:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Puyhv
[2013.02.13 10:21:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Fynen
[2013.02.13 04:21:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2013.02.13 04:21:39 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2013.02.11 23:11:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Desktop\11.2
[2013.02.11 17:58:14 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\4518C85B
[2013.02.11 17:57:10 | 000,098,205 | ---- | C] (Exiland Software) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\KB00938642.exe
[2013.02.11 17:46:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ufdu
[2013.02.11 17:46:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Onco
[2013.02.11 17:46:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Iqzada
[2013.02.10 13:07:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\ALDITALKVerbindungsassistent
[2013.02.10 13:07:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ALDI TALK Verbindungsassistent
[2013.02.10 13:07:18 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll
[2013.02.10 13:07:18 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WdfCoInstaller01007.dll
[2013.02.10 13:07:18 | 000,860,928 | ---- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys
[2013.02.10 13:07:18 | 000,051,456 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcecm.sys
[2013.02.10 13:07:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccid.sys
[2013.02.10 13:07:18 | 000,026,496 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_juextctrl.sys
[2013.02.10 13:07:18 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
[2013.02.10 13:07:17 | 000,117,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2013.02.10 13:07:17 | 000,106,496 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2013.02.10 13:07:17 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwusbdev.sys
[2013.02.10 13:07:17 | 000,082,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcacm.sys
[2013.02.10 13:07:17 | 000,072,576 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jubusenum.sys
[2013.02.10 13:07:17 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2013.02.10 13:07:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\ALDITALKVerbindungsassistent
[2013.02.10 13:06:56 | 000,000,000 | ---D | C] -- C:\Programme\ALDITALKVerbindungsassistent
[2013.02.06 20:59:20 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Yywyp
[2013.02.06 20:48:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ccwyy
[2013.02.06 20:05:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Temp
[2013.02.05 23:12:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Desktop\5.2
[2013.02.04 22:34:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Desktop\4.2
[2010.07.10 19:31:14 | 015,523,560 | ---- | C] (Macrovision Corporation) -- C:\Programme\U1 Setup.exe
[2 C:\Programme\*.tmp files -> C:\Programme\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.24 18:30:00 | 000,001,206 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3444825471-2230824147-3614265266-1006UA.job
[2013.02.24 11:45:54 | 000,098,205 | ---- | M] (Exiland Software) -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\KB00938642.exe
[2013.02.24 02:52:37 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3444825471-2230824147-3614265266-1006.job
[2013.02.24 02:52:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.02.24 01:55:11 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3444825471-2230824147-3614265266-1006.job
[2013.02.22 22:19:05 | 000,001,522 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2013.02.22 19:16:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.02.22 16:35:00 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3444825471-2230824147-3614265266-1006Core.job
[2013.02.20 13:44:04 | 000,000,999 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer.lnk
[2013.02.20 13:43:22 | 000,201,424 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013.02.20 13:43:20 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for user.job
[2013.02.20 13:43:14 | 000,000,951 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton Security Scan.lnk
[2013.02.20 13:43:02 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013.02.20 13:43:01 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013.02.20 13:42:59 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013.02.18 08:37:01 | 000,013,247 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Eigene Dateien\view_pix.aspx
[2013.02.18 08:36:29 | 000,013,247 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Eigene Dateien\saarstr.16-18.aspx
[2013.02.15 23:11:18 | 000,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2013.02.13 04:21:42 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2013.02.10 13:07:28 | 000,001,862 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ALDI TALK Verbindungsassistent.lnk
[2013.02.10 13:07:11 | 000,001,899 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Launcher.lnk
[2013.02.10 13:07:06 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll
[2013.02.10 13:07:06 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WdfCoInstaller01007.dll
[2013.02.10 13:07:06 | 000,860,928 | ---- | M] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys
[2013.02.10 13:07:06 | 000,082,816 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcacm.sys
[2013.02.10 13:07:06 | 000,051,456 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcecm.sys
[2013.02.10 13:07:06 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccid.sys
[2013.02.10 13:07:06 | 000,026,496 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_juextctrl.sys
[2013.02.10 13:07:06 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
[2013.02.10 13:07:05 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2013.02.10 13:07:05 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2013.02.10 13:07:05 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwusbdev.sys
[2013.02.10 13:07:05 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jubusenum.sys
[2013.02.10 13:07:05 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2013.02.07 09:00:00 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\rpc.job
[2013.02.06 20:37:33 | 000,002,357 | ---- | M] () -- C:\Dokumente und Einstellungen\user\Desktop\Google Chrome.lnk
[2013.02.05 22:34:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.31 16:23:00 | 000,459,844 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.01.31 16:23:00 | 000,441,906 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.01.31 16:23:00 | 000,085,170 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.01.31 16:23:00 | 000,071,842 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2 C:\Programme\*.tmp files -> C:\Programme\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.22 22:19:05 | 000,001,522 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2013.02.20 22:59:33 | 000,000,268 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3444825471-2230824147-3614265266-1006.job
[2013.02.20 13:44:38 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3444825471-2230824147-3614265266-1006.job
[2013.02.20 13:44:04 | 000,000,999 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer.lnk
[2013.02.20 13:43:20 | 000,000,430 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Security Scan for user.job
[2013.02.20 13:43:14 | 000,000,951 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton Security Scan.lnk
[2013.02.20 13:43:08 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NSS\0307020.00A\isolate.ini
[2013.02.18 08:37:01 | 000,013,247 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Eigene Dateien\view_pix.aspx
[2013.02.18 08:36:28 | 000,013,247 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Eigene Dateien\saarstr.16-18.aspx
[2013.02.15 23:11:18 | 000,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2013.02.13 04:21:42 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2013.02.13 04:21:42 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2013.02.10 13:07:28 | 000,001,862 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ALDI TALK Verbindungsassistent.lnk
[2013.02.10 13:07:11 | 000,001,899 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Launcher.lnk
[2012.03.16 16:54:23 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.05.20 21:23:55 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe
[2011.04.18 07:45:16 | 000,000,216 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011.03.23 07:46:03 | 000,011,862 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\4F46.7B5
[2010.02.07 18:08:30 | 000,366,212 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\mdbu.bin
[2008.10.20 15:38:45 | 000,044,544 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.13 23:32:56 | 000,000,960 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\wklnhst.dat
[2008.10.13 21:07:37 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2010.07.10 18:59:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.12.19 09:53:33 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.02.22 22:18:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2009.11.21 11:51:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Aldi Sued Fotoservice
[2008.10.14 00:32:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ECAP
[2009.12.04 16:50:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2010.09.01 15:12:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PhotoStitch
[2009.02.20 22:27:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2008.10.23 21:57:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winferno
[2009.03.17 21:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010.06.22 06:42:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.09.23 11:09:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.04.10 10:46:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013.02.10 13:07:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\ALDITALKVerbindungsassistent
[2013.02.24 13:43:07 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\4518C85B
[2008.10.26 21:26:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\AD ON Multimedia
[2013.02.11 17:22:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\ALDITALKVerbindungsassistent
[2013.02.20 23:14:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Axhute
[2009.06.23 15:59:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Canon
[2013.02.06 20:48:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ccwyy
[2011.06.04 15:58:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\DDMSettings
[2013.02.22 15:00:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Edihox
[2013.02.22 15:00:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Fiulon
[2013.02.13 10:21:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Fynen
[2013.02.22 18:04:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Guikab
[2013.02.22 18:04:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Hukea
[2008.10.17 02:08:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\InterVideo
[2013.02.11 17:46:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Iqzada
[2013.02.20 23:14:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Irihku
[2009.11.21 11:51:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\MAGIX
[2013.02.11 17:46:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Onco
[2008.10.26 14:11:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Personal Desktop
[2013.02.24 01:55:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ppwmy
[2013.02.13 10:21:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Puyhv
[2011.06.29 21:18:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\SaalDesignSoftware
[2013.02.22 18:04:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Seofu
[2009.03.07 19:51:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\StarOffice8
[2009.03.07 22:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Styler
[2008.10.18 10:10:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\T-Online
[2013.02.06 20:05:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Temp
[2008.10.13 23:32:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Template
[2013.02.24 21:03:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ufdu
[2009.02.20 16:56:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ulead Systems
[2013.02.13 10:21:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Viufka
[2013.02.22 15:00:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Weas
[2013.02.06 20:59:20 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Yywyp
[2013.02.20 23:14:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Zura
 
========== Purity Check ==========
 
 

< End of report >
         
__________________

Alt 25.02.2013, 18:04   #4
markusg
/// Malware-holic
 
Bundestrojaner - Standard

Bundestrojaner



Hi,
otl fix

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:
ATTFilter
:OTL
O4 - HKLM..\Run: [conhost] C:\Dokumente und Einstellungen\user\Anwendungsdaten\Microsoft\conhost.exe File not found
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [Agiqmo] C:\Dokumente und Einstellungen\user\Anwendungsdaten\Onco\awep.exe ()
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [cnvztmkl] C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ccwyy\avuggetmkl.exe ()
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [ilkjspnm] C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\Zbshrzl\sbsshrispnm.exe
()
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [KB00938642.exe] C:\Dokumente und Einstellungen\user\Anwendungsdaten\KB00938642.exe (Exiland
Software)
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [Personal Desktop] C:\PROGRA~1\SA269F~1.D\PERSON~1\pdesk.exe File not found
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [Real Desktop] "C:\Programme\Real Desktop\Real Desktop.exe" File not found
O4 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006..\Run: [RocketDock] "C:\Programme\RocketDock\RocketDock.exe" File not found
F3 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006 WinNT: Load - (C:\DOKUME~1\user\LOKALE~1\Temp\csrss.exe) -  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O20 - HKU\S-1-5-21-3444825471-2230824147-3614265266-1006 Winlogon: Shell - (C:\Dokumente und Einstellungen\user\Anwendungsdaten\dwm.exe) -  File not found
O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
[2013.02.22 18:04:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Seofu
[2013.02.22 18:04:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Hukea
[2013.02.22 18:04:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Guikab
[2013.02.22 15:00:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Weas
[2013.02.22 15:00:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Fiulon
[2013.02.22 15:00:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Edihox
[2013.02.20 23:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Zura
[2013.02.20 23:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Irihku
[2013.02.20 23:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user\Anwendungsdaten\Axhute
:files
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Onco
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ccwyy
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\Zbshrzl
:Commands
[emptytemp]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread



starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 25.02.2013, 22:34   #5
einrapunzel
 
Bundestrojaner - Standard

Bundestrojaner



Hey Markus, hier das Textdokument
Code:
ATTFilter
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\conhost not found.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Agiqmo not found.
File C:\Dokumente und Einstellungen\user\Anwendungsdaten\Onco\awep.exe not found.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Run\\cnvztmkl deleted successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ccwyy\avuggetmkl.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Run\\ilkjspnm not found.
File C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\Zbshrzl\sbsshrispnm.exe not found.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Run\\KB00938642.exe not found.
File C:\Dokumente und Einstellungen\user\Anwendungsdaten\KB00938642.exe (Exiland not found.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Personal Desktop deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Real Desktop deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\Software\Microsoft\Windows\CurrentVersion\Run\\RocketDock deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegedit not found.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegedit not found.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3444825471-2230824147-3614265266-1006\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe\ deleted successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Seofu folder moved successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Hukea folder moved successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Guikab folder moved successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Weas folder moved successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Fiulon folder moved successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Edihox folder moved successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Zura folder moved successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Irihku folder moved successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Axhute folder moved successfully.
========== FILES ==========
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Onco folder moved successfully.
C:\Dokumente und Einstellungen\user\Anwendungsdaten\Ccwyy folder moved successfully.
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\Zbshrzl folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 56468 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32969 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 120330117 bytes
 
User: user
->Temp folder emptied: 988740289 bytes
->Temporary Internet Files folder emptied: 402564916 bytes
->Java cache emptied: 67252614 bytes
->FireFox cache emptied: 55948828 bytes
->Google Chrome cache emptied: 318749883 bytes
->Apple Safari cache emptied: 13829120 bytes
->Flash cache emptied: 56473 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13186577 bytes
RecycleBin emptied: 2121101036 bytes
 
Total Files Cleaned = 3.912,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 02252013_221544

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
Upload hat auch einwandfrei geklappt, danke schonmal


Alt 25.02.2013, 22:40   #6
markusg
/// Malware-holic
 
Bundestrojaner - Standard

Bundestrojaner



Danke.
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
--> Bundestrojaner

Alt 25.02.2013, 22:47   #7
einrapunzel
 
Bundestrojaner - Standard

Bundestrojaner



Keine infizierten Objekte gefunden, hier der logfile
Code:
ATTFilter
22:46:30.0515 2364  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:46:30.0859 2364  ============================================================
22:46:30.0859 2364  Current date / time: 2013/02/25 22:46:30.0859
22:46:30.0859 2364  SystemInfo:
22:46:30.0859 2364  
22:46:30.0859 2364  OS Version: 5.1.2600 ServicePack: 3.0
22:46:30.0859 2364  Product type: Workstation
22:46:30.0859 2364  ComputerName: NAME-FD00PZU2N3
22:46:30.0859 2364  UserName: user
22:46:30.0859 2364  Windows directory: C:\WINDOWS
22:46:30.0859 2364  System windows directory: C:\WINDOWS
22:46:30.0859 2364  Processor architecture: Intel x86
22:46:30.0859 2364  Number of processors: 2
22:46:30.0859 2364  Page size: 0x1000
22:46:30.0859 2364  Boot type: Normal boot
22:46:30.0859 2364  ============================================================
22:46:32.0906 2364  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:46:32.0906 2364  ============================================================
22:46:32.0906 2364  \Device\Harddisk0\DR0:
22:46:32.0906 2364  MBR partitions:
22:46:32.0906 2364  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xA00684E
22:46:32.0906 2364  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA00688D, BlocksNum 0x89FE86F
22:46:32.0906 2364  ============================================================
22:46:32.0937 2364  C: <-> \Device\Harddisk0\DR0\Partition1
22:46:32.0968 2364  D: <-> \Device\Harddisk0\DR0\Partition2
22:46:32.0968 2364  ============================================================
22:46:32.0968 2364  Initialize success
22:46:32.0968 2364  ============================================================
22:46:42.0140 2824  ============================================================
22:46:42.0140 2824  Scan started
22:46:42.0140 2824  Mode: Manual; 
22:46:42.0140 2824  ============================================================
22:46:43.0296 2824  ================ Scan system memory ========================
22:46:43.0296 2824  System memory - ok
22:46:43.0312 2824  ================ Scan services =============================
22:46:43.0468 2824  Abiosdsk - ok
22:46:43.0500 2824  abp480n5 - ok
22:46:43.0625 2824  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
22:46:43.0640 2824  ACDaemon - ok
22:46:43.0687 2824  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:46:43.0703 2824  ACPI - ok
22:46:43.0734 2824  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:46:43.0734 2824  ACPIEC - ok
22:46:43.0750 2824  adpu160m - ok
22:46:43.0843 2824  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
22:46:43.0843 2824  aec - ok
22:46:43.0906 2824  [ A7B8A3A79D35215D798A300DF49ED23F ] Afc             C:\WINDOWS\system32\drivers\Afc.sys
22:46:43.0906 2824  Afc - ok
22:46:43.0953 2824  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
22:46:43.0953 2824  AFD - ok
22:46:43.0984 2824  Aha154x - ok
22:46:44.0000 2824  aic78u2 - ok
22:46:44.0015 2824  aic78xx - ok
22:46:44.0109 2824  [ 7067AC22EB74C2E3D4C950050CBB1AC0 ] ALDITALKVerbindungsassistent_Service C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
22:46:44.0140 2824  ALDITALKVerbindungsassistent_Service - ok
22:46:44.0187 2824  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
22:46:44.0187 2824  Alerter - ok
22:46:44.0250 2824  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
22:46:44.0250 2824  ALG - ok
22:46:44.0265 2824  AliIde - ok
22:46:44.0281 2824  amsint - ok
22:46:44.0375 2824  [ D6C8942BEA3698A2E7559BD423BFA5D7 ] AntiVirScheduler C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
22:46:44.0375 2824  AntiVirScheduler - ok
22:46:44.0406 2824  [ 335A142923FE7F97E8C8388ACD067568 ] AntiVirService  C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
22:46:44.0421 2824  AntiVirService - ok
22:46:44.0484 2824  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:46:44.0484 2824  Apple Mobile Device - ok
22:46:44.0500 2824  AppMgmt - ok
22:46:44.0562 2824  [ 57C1ACB60AA2AEE0D61FAC52E9DD6D9F ] archlp          C:\WINDOWS\system32\drivers\archlp.sys
22:46:44.0562 2824  archlp - ok
22:46:44.0578 2824  asc - ok
22:46:44.0609 2824  asc3350p - ok
22:46:44.0640 2824  asc3550 - ok
22:46:44.0750 2824  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:46:44.0796 2824  aspnet_state - ok
22:46:44.0843 2824  [ 784FCB197F9A50A419D8CE4980655AE4 ] AsusACPI        C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
22:46:44.0843 2824  AsusACPI - ok
22:46:44.0890 2824  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:46:44.0921 2824  AsyncMac - ok
22:46:44.0953 2824  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
22:46:44.0953 2824  atapi - ok
22:46:44.0968 2824  Atdisk - ok
22:46:45.0031 2824  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:46:45.0031 2824  Atmarpc - ok
22:46:45.0078 2824  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
22:46:45.0078 2824  AudioSrv - ok
22:46:45.0156 2824  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
22:46:45.0156 2824  audstub - ok
22:46:45.0171 2824  [ 87828ECD657F81503465AC705E845076 ] avgio           C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys
22:46:45.0171 2824  avgio - ok
22:46:45.0203 2824  [ FCB30820BED1D3FEB55E3DD55A3F947F ] avgntflt        C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
22:46:45.0203 2824  avgntflt - ok
22:46:45.0281 2824  [ 0B09DF022250FB7BA91FB932EAC6EA9B ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
22:46:45.0281 2824  avipbb - ok
22:46:45.0328 2824  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
22:46:45.0328 2824  Beep - ok
22:46:45.0406 2824  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
22:46:45.0500 2824  BITS - ok
22:46:45.0593 2824  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
22:46:45.0609 2824  Bonjour Service - ok
22:46:45.0671 2824  [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser         C:\WINDOWS\System32\browser.dll
22:46:45.0671 2824  Browser - ok
22:46:45.0750 2824  [ FABA1418646A2B433C0BDED6FF92D2FA ] btaudio         C:\WINDOWS\system32\drivers\btaudio.sys
22:46:45.0765 2824  btaudio - ok
22:46:45.0812 2824  [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver        C:\WINDOWS\system32\DRIVERS\btport.sys
22:46:45.0828 2824  BTDriver - ok
22:46:45.0937 2824  [ AEF038061BC1CAFB4865D43A85BEB1A1 ] BTKRNL          C:\WINDOWS\system32\DRIVERS\btkrnl.sys
22:46:45.0968 2824  BTKRNL - ok
22:46:46.0062 2824  [ F20629FF9ED48EFA98FDC5D99919E8C0 ] btwdins         C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
22:46:46.0093 2824  btwdins - ok
22:46:46.0125 2824  [ 80F61DE965C116051614AC2F04222FF7 ] BTWDNDIS        C:\WINDOWS\system32\DRIVERS\btwdndis.sys
22:46:46.0140 2824  BTWDNDIS - ok
22:46:46.0171 2824  [ 949ECA9C56F657C06D3166D51F3226C7 ] btwhid          C:\WINDOWS\system32\DRIVERS\btwhid.sys
22:46:46.0187 2824  btwhid - ok
22:46:46.0218 2824  [ 179A37C86FD2B9CC28EB93D093D394C7 ] BTWUSB          C:\WINDOWS\system32\Drivers\btwusb.sys
22:46:46.0218 2824  BTWUSB - ok
22:46:46.0281 2824  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
22:46:46.0281 2824  cbidf2k - ok
22:46:46.0328 2824  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:46:46.0328 2824  CCDECODE - ok
22:46:46.0343 2824  cd20xrnt - ok
22:46:46.0390 2824  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
22:46:46.0390 2824  Cdaudio - ok
22:46:46.0453 2824  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
22:46:46.0453 2824  Cdfs - ok
22:46:46.0500 2824  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:46:46.0515 2824  Cdrom - ok
22:46:46.0531 2824  Changer - ok
22:46:46.0562 2824  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
22:46:46.0578 2824  CiSvc - ok
22:46:46.0625 2824  [ AA29A9B4B06FBEBC5918D697A97A8AC6 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
22:46:46.0640 2824  ClipSrv - ok
22:46:46.0671 2824  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:46:46.0765 2824  clr_optimization_v2.0.50727_32 - ok
22:46:46.0812 2824  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:46:46.0812 2824  CmBatt - ok
22:46:46.0828 2824  CmdIde - ok
22:46:46.0859 2824  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:46:46.0859 2824  Compbatt - ok
22:46:46.0906 2824  COMSysApp - ok
22:46:46.0937 2824  Cpqarray - ok
22:46:47.0000 2824  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
22:46:47.0000 2824  CryptSvc - ok
22:46:47.0015 2824  dac2w2k - ok
22:46:47.0031 2824  dac960nt - ok
22:46:47.0093 2824  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
22:46:47.0125 2824  DcomLaunch - ok
22:46:47.0171 2824  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
22:46:47.0171 2824  Dhcp - ok
22:46:47.0234 2824  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
22:46:47.0234 2824  Disk - ok
22:46:47.0265 2824  dmadmin - ok
22:46:47.0328 2824  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
22:46:47.0375 2824  dmboot - ok
22:46:47.0437 2824  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
22:46:47.0453 2824  dmio - ok
22:46:47.0484 2824  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
22:46:47.0484 2824  dmload - ok
22:46:47.0515 2824  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
22:46:47.0531 2824  dmserver - ok
22:46:47.0562 2824  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
22:46:47.0562 2824  DMusic - ok
22:46:47.0609 2824  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
22:46:47.0609 2824  Dnscache - ok
22:46:47.0671 2824  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:46:47.0671 2824  Dot3svc - ok
22:46:47.0703 2824  dpti2o - ok
22:46:47.0734 2824  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
22:46:47.0750 2824  drmkaud - ok
22:46:47.0781 2824  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
22:46:47.0812 2824  EapHost - ok
22:46:47.0828 2824  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
22:46:47.0828 2824  ERSvc - ok
22:46:47.0890 2824  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
22:46:47.0906 2824  Eventlog - ok
22:46:47.0953 2824  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
22:46:47.0953 2824  EventSystem - ok
22:46:48.0031 2824  [ A52794C010C6DF5B4BC70C4AB5E04088 ] ewusbnet        C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
22:46:48.0031 2824  ewusbnet - ok
22:46:48.0093 2824  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
22:46:48.0093 2824  ew_hwusbdev - ok
22:46:48.0140 2824  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
22:46:48.0140 2824  Fastfat - ok
22:46:48.0203 2824  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:46:48.0203 2824  FastUserSwitchingCompatibility - ok
22:46:48.0296 2824  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
22:46:48.0296 2824  Fdc - ok
22:46:48.0343 2824  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
22:46:48.0343 2824  Fips - ok
22:46:48.0375 2824  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
22:46:48.0375 2824  Flpydisk - ok
22:46:48.0453 2824  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
22:46:48.0453 2824  FltMgr - ok
22:46:48.0515 2824  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:46:48.0515 2824  FontCache3.0.0.0 - ok
22:46:48.0578 2824  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:46:48.0578 2824  Fs_Rec - ok
22:46:48.0625 2824  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:46:48.0625 2824  Ftdisk - ok
22:46:48.0687 2824  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:46:48.0687 2824  GEARAspiWDM - ok
22:46:48.0734 2824  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:46:48.0734 2824  Gpc - ok
22:46:48.0796 2824  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:46:48.0812 2824  HDAudBus - ok
22:46:48.0890 2824  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:46:48.0906 2824  helpsvc - ok
22:46:48.0968 2824  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ         C:\WINDOWS\System32\hidserv.dll
22:46:48.0968 2824  HidServ - ok
22:46:49.0000 2824  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:46:49.0000 2824  HidUsb - ok
22:46:49.0046 2824  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
22:46:49.0062 2824  hkmsvc - ok
22:46:49.0078 2824  hpn - ok
22:46:49.0140 2824  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
22:46:49.0140 2824  HTTP - ok
22:46:49.0187 2824  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
22:46:49.0203 2824  HTTPFilter - ok
22:46:49.0234 2824  [ 1F40368DC40B17DE3FA0FBE8A9D82F9E ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
22:46:49.0234 2824  hwdatacard - ok
22:46:49.0250 2824  i2omgmt - ok
22:46:49.0281 2824  i2omp - ok
22:46:49.0343 2824  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:46:49.0359 2824  i8042prt - ok
22:46:49.0703 2824  [ 0F68E2EC713F132FFB19E45415B09679 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
22:46:49.0921 2824  ialm - ok
22:46:50.0000 2824  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:46:50.0031 2824  idsvc - ok
22:46:50.0062 2824  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
22:46:50.0078 2824  Imapi - ok
22:46:50.0109 2824  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
22:46:50.0125 2824  ImapiService - ok
22:46:50.0171 2824  ini910u - ok
22:46:50.0437 2824  [ 47C79F7E330CBB829934D00F64D55FC9 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:46:50.0515 2824  IntcAzAudAddService - ok
22:46:50.0546 2824  IntelIde - ok
22:46:50.0609 2824  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:46:50.0609 2824  intelppm - ok
22:46:50.0656 2824  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
22:46:50.0656 2824  Ip6Fw - ok
22:46:50.0671 2824  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:46:50.0671 2824  IpFilterDriver - ok
22:46:50.0687 2824  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:46:50.0687 2824  IpInIp - ok
22:46:50.0734 2824  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:46:50.0734 2824  IpNat - ok
22:46:50.0796 2824  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Programme\iPod\bin\iPodService.exe
22:46:50.0812 2824  iPod Service - ok
22:46:50.0875 2824  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:46:50.0875 2824  IPSec - ok
22:46:50.0906 2824  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
22:46:50.0906 2824  IRENUM - ok
22:46:50.0953 2824  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:46:50.0953 2824  isapnp - ok
22:46:51.0015 2824  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
22:46:51.0015 2824  IviRegMgr - ok
22:46:51.0125 2824  [ 112325F53AB720CA77825726D427FBDC ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
22:46:51.0125 2824  JavaQuickStarterService - ok
22:46:51.0187 2824  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:46:51.0187 2824  Kbdclass - ok
22:46:51.0218 2824  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
22:46:51.0218 2824  kmixer - ok
22:46:51.0265 2824  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
22:46:51.0296 2824  KSecDD - ok
22:46:51.0312 2824  [ 9EA9D6BA04629CB14260F46FF8BBD65A ] Ktp             C:\WINDOWS\system32\DRIVERS\ETD.sys
22:46:51.0312 2824  Ktp - ok
22:46:51.0343 2824  [ 303627228DD739D98289679901A38C8F ] L1e             C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
22:46:51.0343 2824  L1e - ok
22:46:51.0406 2824  [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
22:46:51.0406 2824  LanmanServer - ok
22:46:51.0453 2824  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:46:51.0500 2824  lanmanworkstation - ok
22:46:51.0515 2824  lbrtfdc - ok
22:46:51.0578 2824  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
22:46:51.0578 2824  LmHosts - ok
22:46:51.0609 2824  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
22:46:51.0609 2824  MBAMProtector - ok
22:46:51.0671 2824  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:46:51.0687 2824  MBAMScheduler - ok
22:46:51.0765 2824  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
22:46:51.0796 2824  MBAMService - ok
22:46:51.0828 2824  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
22:46:51.0859 2824  Messenger - ok
22:46:51.0890 2824  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
22:46:51.0890 2824  mnmdd - ok
22:46:51.0921 2824  [ 0F668A65FDE565D0C040FAB3B5B6CAB6 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
22:46:51.0937 2824  mnmsrvc - ok
22:46:51.0968 2824  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
22:46:51.0968 2824  Modem - ok
22:46:52.0000 2824  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:46:52.0031 2824  Mouclass - ok
22:46:52.0046 2824  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:46:52.0046 2824  mouhid - ok
22:46:52.0093 2824  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
22:46:52.0093 2824  MountMgr - ok
22:46:52.0140 2824  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
22:46:52.0156 2824  MozillaMaintenance - ok
22:46:52.0171 2824  mraid35x - ok
22:46:52.0203 2824  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:46:52.0234 2824  MRxDAV - ok
22:46:52.0281 2824  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:46:52.0328 2824  MRxSmb - ok
22:46:52.0359 2824  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
22:46:52.0375 2824  MSDTC - ok
22:46:52.0437 2824  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:46:52.0437 2824  Msfs - ok
22:46:52.0453 2824  MSIServer - ok
22:46:52.0484 2824  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:46:52.0484 2824  MSKSSRV - ok
22:46:52.0531 2824  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:46:52.0531 2824  MSPCLOCK - ok
22:46:52.0562 2824  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
22:46:52.0562 2824  MSPQM - ok
22:46:52.0609 2824  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:46:52.0609 2824  mssmbios - ok
22:46:52.0656 2824  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
22:46:52.0656 2824  MSTEE - ok
22:46:52.0703 2824  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
22:46:52.0718 2824  Mup - ok
22:46:52.0765 2824  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:46:52.0765 2824  NABTSFEC - ok
22:46:52.0953 2824  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
22:46:53.0078 2824  napagent - ok
22:46:53.0140 2824  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
22:46:53.0140 2824  NDIS - ok
22:46:53.0171 2824  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:46:53.0171 2824  NdisIP - ok
22:46:53.0218 2824  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:46:53.0218 2824  NdisTapi - ok
22:46:53.0265 2824  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:46:53.0265 2824  Ndisuio - ok
22:46:53.0281 2824  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:46:53.0296 2824  NdisWan - ok
22:46:53.0359 2824  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
22:46:53.0359 2824  NDProxy - ok
22:46:53.0421 2824  [ 1352E1648213551923A0A822E441553C ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl.sys
22:46:53.0421 2824  Netaapl - ok
22:46:53.0468 2824  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
22:46:53.0468 2824  NetBIOS - ok
22:46:53.0515 2824  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
22:46:53.0531 2824  NetBT - ok
22:46:53.0562 2824  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
22:46:53.0578 2824  NetDDE - ok
22:46:53.0609 2824  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
22:46:53.0640 2824  NetDDEdsdm - ok
22:46:53.0687 2824  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
22:46:53.0687 2824  Netlogon - ok
22:46:53.0703 2824  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
22:46:53.0718 2824  Netman - ok
22:46:53.0765 2824  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:46:53.0765 2824  NetTcpPortSharing - ok
22:46:53.0812 2824  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
22:46:53.0828 2824  Nla - ok
22:46:53.0890 2824  [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm              C:\WINDOWS\system32\DRIVERS\NMnt.sys
22:46:53.0906 2824  nm - ok
22:46:53.0937 2824  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
22:46:53.0937 2824  Npfs - ok
22:46:54.0015 2824  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
22:46:54.0046 2824  Ntfs - ok
22:46:54.0062 2824  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
22:46:54.0078 2824  NtLmSsp - ok
22:46:54.0140 2824  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
22:46:54.0171 2824  NtmsSvc - ok
22:46:54.0218 2824  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
22:46:54.0218 2824  Null - ok
22:46:54.0250 2824  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:46:54.0250 2824  NwlnkFlt - ok
22:46:54.0265 2824  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:46:54.0281 2824  NwlnkFwd - ok
22:46:54.0390 2824  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
22:46:54.0453 2824  odserv - ok
22:46:54.0484 2824  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
22:46:54.0484 2824  ose - ok
22:46:54.0531 2824  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
22:46:54.0531 2824  Parport - ok
22:46:54.0578 2824  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
22:46:54.0578 2824  PartMgr - ok
22:46:54.0609 2824  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
22:46:54.0609 2824  ParVdm - ok
22:46:54.0625 2824  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
22:46:54.0640 2824  PCI - ok
22:46:54.0640 2824  PCIDump - ok
22:46:54.0656 2824  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
22:46:54.0656 2824  PCIIde - ok
22:46:54.0718 2824  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
22:46:54.0718 2824  Pcmcia - ok
22:46:54.0734 2824  PDCOMP - ok
22:46:54.0750 2824  PDFRAME - ok
22:46:54.0765 2824  PDRELI - ok
22:46:54.0781 2824  PDRFRAME - ok
22:46:54.0781 2824  perc2 - ok
22:46:54.0812 2824  perc2hib - ok
22:46:54.0875 2824  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
22:46:54.0875 2824  PlugPlay - ok
22:46:54.0890 2824  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
22:46:54.0890 2824  PolicyAgent - ok
22:46:54.0906 2824  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:46:54.0906 2824  PptpMiniport - ok
22:46:54.0921 2824  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:46:54.0921 2824  ProtectedStorage - ok
22:46:54.0984 2824  [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\WINDOWS\system32\PSIService.exe
22:46:54.0984 2824  ProtexisLicensing - ok
22:46:54.0984 2824  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
22:46:55.0000 2824  PSched - ok
22:46:55.0015 2824  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:46:55.0015 2824  Ptilink - ok
22:46:55.0062 2824  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:46:55.0062 2824  PxHelp20 - ok
22:46:55.0062 2824  ql1080 - ok
22:46:55.0093 2824  Ql10wnt - ok
22:46:55.0109 2824  ql12160 - ok
22:46:55.0125 2824  ql1240 - ok
22:46:55.0140 2824  ql1280 - ok
22:46:55.0156 2824  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:46:55.0156 2824  RasAcd - ok
22:46:55.0203 2824  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
22:46:55.0203 2824  RasAuto - ok
22:46:55.0234 2824  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:46:55.0234 2824  Rasl2tp - ok
22:46:55.0250 2824  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
22:46:55.0265 2824  RasMan - ok
22:46:55.0281 2824  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:46:55.0281 2824  RasPppoe - ok
22:46:55.0312 2824  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
22:46:55.0312 2824  Raspti - ok
22:46:55.0343 2824  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:46:55.0343 2824  Rdbss - ok
22:46:55.0390 2824  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:46:55.0390 2824  RDPCDD - ok
22:46:55.0437 2824  [ 5B3055DAA788BD688594D2F5981F2A83 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
22:46:55.0437 2824  RDPWD - ok
22:46:55.0500 2824  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
22:46:55.0500 2824  RDSessMgr - ok
22:46:55.0546 2824  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
22:46:55.0562 2824  RealNetworks Downloader Resolver Service - ok
22:46:55.0593 2824  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
22:46:55.0593 2824  redbook - ok
22:46:55.0625 2824  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
22:46:55.0640 2824  RemoteAccess - ok
22:46:55.0703 2824  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
22:46:55.0703 2824  ROOTMODEM - ok
22:46:55.0734 2824  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
22:46:55.0750 2824  RpcLocator - ok
22:46:55.0812 2824  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
22:46:55.0812 2824  RpcSs - ok
22:46:55.0843 2824  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
22:46:55.0843 2824  RSVP - ok
22:46:55.0906 2824  [ 162D6AEE49372B9CE17C418CC5CDE7B5 ] RT80x86         C:\WINDOWS\system32\DRIVERS\RT2860.sys
22:46:55.0921 2824  RT80x86 - ok
22:46:55.0953 2824  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
22:46:55.0953 2824  SamSs - ok
22:46:56.0000 2824  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
22:46:56.0031 2824  SCardSvr - ok
22:46:56.0046 2824  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
22:46:56.0046 2824  Schedule - ok
22:46:56.0093 2824  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:46:56.0093 2824  Secdrv - ok
22:46:56.0125 2824  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
22:46:56.0125 2824  seclogon - ok
22:46:56.0187 2824  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
22:46:56.0187 2824  SENS - ok
22:46:56.0218 2824  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
22:46:56.0218 2824  Serial - ok
22:46:56.0250 2824  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\DRIVERS\sfloppy.sys
22:46:56.0250 2824  Sfloppy - ok
22:46:56.0312 2824  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
22:46:56.0312 2824  SharedAccess - ok
22:46:56.0359 2824  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:46:56.0359 2824  ShellHWDetection - ok
22:46:56.0375 2824  Simbad - ok
22:46:56.0437 2824  [ 011E958267FEB6ED72F1BFA80072943C ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
22:46:56.0468 2824  SkypeUpdate - ok
22:46:56.0500 2824  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:46:56.0515 2824  SLIP - ok
22:46:56.0531 2824  Sparrow - ok
22:46:56.0578 2824  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
22:46:56.0578 2824  splitter - ok
22:46:56.0609 2824  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
22:46:56.0609 2824  Spooler - ok
22:46:56.0656 2824  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
22:46:56.0656 2824  sr - ok
22:46:56.0687 2824  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
22:46:56.0687 2824  srservice - ok
22:46:56.0718 2824  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
22:46:56.0765 2824  Srv - ok
22:46:56.0812 2824  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
22:46:56.0812 2824  SSDPSRV - ok
22:46:56.0859 2824  [ 71D609C5DFF067906D930BDE031C4CFE ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
22:46:56.0859 2824  ssmdrv - ok
22:46:56.0906 2824  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
22:46:56.0921 2824  stisvc - ok
22:46:56.0968 2824  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:46:56.0968 2824  streamip - ok
22:46:57.0000 2824  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
22:46:57.0000 2824  swenum - ok
22:46:57.0062 2824  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
22:46:57.0062 2824  swmidi - ok
22:46:57.0078 2824  SwPrv - ok
22:46:57.0093 2824  symc810 - ok
22:46:57.0093 2824  symc8xx - ok
22:46:57.0109 2824  sym_hi - ok
22:46:57.0125 2824  sym_u3 - ok
22:46:57.0156 2824  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
22:46:57.0156 2824  sysaudio - ok
22:46:57.0218 2824  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
22:46:57.0218 2824  SysmonLog - ok
22:46:57.0250 2824  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
22:46:57.0250 2824  TapiSrv - ok
22:46:57.0296 2824  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:46:57.0312 2824  Tcpip - ok
22:46:57.0343 2824  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
22:46:57.0343 2824  TDPIPE - ok
22:46:57.0359 2824  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
22:46:57.0359 2824  TDTCP - ok
22:46:57.0406 2824  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
22:46:57.0406 2824  TermDD - ok
22:46:57.0437 2824  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
22:46:57.0437 2824  TermService - ok
22:46:57.0468 2824  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
22:46:57.0468 2824  Themes - ok
22:46:57.0500 2824  TosIde - ok
22:46:57.0546 2824  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
22:46:57.0562 2824  TrkWks - ok
22:46:57.0625 2824  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
22:46:57.0625 2824  Udfs - ok
22:46:57.0640 2824  ultra - ok
22:46:57.0687 2824  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
22:46:57.0718 2824  Update - ok
22:46:57.0734 2824  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:46:57.0750 2824  upnphost - ok
22:46:57.0765 2824  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
22:46:57.0781 2824  UPS - ok
22:46:57.0828 2824  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
22:46:57.0828 2824  USBAAPL - ok
22:46:57.0875 2824  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:46:57.0875 2824  usbccgp - ok
22:46:57.0937 2824  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:46:57.0937 2824  usbehci - ok
22:46:57.0953 2824  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:46:57.0953 2824  usbhub - ok
22:46:58.0000 2824  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:46:58.0000 2824  usbscan - ok
22:46:58.0031 2824  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:46:58.0031 2824  usbstor - ok
22:46:58.0046 2824  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:46:58.0046 2824  usbuhci - ok
22:46:58.0093 2824  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
22:46:58.0093 2824  usbvideo - ok
22:46:58.0109 2824  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
22:46:58.0125 2824  VgaSave - ok
22:46:58.0156 2824  ViaIde - ok
22:46:58.0187 2824  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
22:46:58.0187 2824  VolSnap - ok
22:46:58.0234 2824  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
22:46:58.0265 2824  VSS - ok
22:46:58.0296 2824  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
22:46:58.0296 2824  W32Time - ok
22:46:58.0343 2824  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:46:58.0343 2824  Wanarp - ok
22:46:58.0406 2824  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
22:46:58.0421 2824  Wdf01000 - ok
22:46:58.0453 2824  WDICA - ok
22:46:58.0484 2824  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
22:46:58.0500 2824  wdmaud - ok
22:46:58.0562 2824  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:46:58.0562 2824  WebClient - ok
22:46:58.0625 2824  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
22:46:58.0625 2824  winmgmt - ok
22:46:58.0703 2824  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
22:46:58.0718 2824  WmdmPmSN - ok
22:46:58.0750 2824  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:46:58.0750 2824  WmiApSrv - ok
22:46:58.0812 2824  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
22:46:58.0812 2824  wscsvc - ok
22:46:58.0859 2824  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:46:58.0859 2824  WSTCODEC - ok
22:46:58.0921 2824  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
22:46:58.0921 2824  wuauserv - ok
22:46:58.0953 2824  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:46:58.0968 2824  WudfPf - ok
22:46:59.0000 2824  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:46:59.0015 2824  WudfRd - ok
22:46:59.0046 2824  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
22:46:59.0046 2824  WudfSvc - ok
22:46:59.0093 2824  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
22:46:59.0109 2824  WZCSVC - ok
22:46:59.0156 2824  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
22:46:59.0156 2824  xmlprov - ok
22:46:59.0218 2824  ================ Scan global ===============================
22:46:59.0265 2824  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
22:46:59.0281 2824  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
22:46:59.0328 2824  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
22:46:59.0359 2824  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
22:46:59.0390 2824  [Global] - ok
22:46:59.0390 2824  ================ Scan MBR ==================================
22:46:59.0406 2824  [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0
22:46:59.0640 2824  \Device\Harddisk0\DR0 - ok
22:46:59.0640 2824  ================ Scan VBR ==================================
22:46:59.0640 2824  [ 412E605D63C78DBD70CCBB277E9EC288 ] \Device\Harddisk0\DR0\Partition1
22:46:59.0656 2824  \Device\Harddisk0\DR0\Partition1 - ok
22:46:59.0687 2824  [ 57EED6C3A17F27569B640362533DF957 ] \Device\Harddisk0\DR0\Partition2
22:46:59.0687 2824  \Device\Harddisk0\DR0\Partition2 - ok
22:46:59.0687 2824  ============================================================
22:46:59.0687 2824  Scan finished
22:46:59.0687 2824  ============================================================
22:46:59.0718 2772  Detected object count: 0
22:46:59.0718 2772  Actual detected object count: 0
22:47:11.0593 2380  Deinitialize success
         

Alt 25.02.2013, 22:48   #8
markusg
/// Malware-holic
 
Bundestrojaner - Standard

Bundestrojaner



bitte noch mal bilder der Anleitung prüfen und erneut scannen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 25.02.2013, 22:53   #9
einrapunzel
 
Bundestrojaner - Standard

Bundestrojaner



Wo finde ich denn eine bebilderte Anleitung?

Alt 25.02.2013, 22:54   #10
markusg
/// Malware-holic
 
Bundestrojaner - Standard

Bundestrojaner



in dem tdss text von mir oben, da sind 2 links.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 25.02.2013, 22:58   #11
einrapunzel
 
Bundestrojaner - Standard

Bundestrojaner



Ach ja..sorry bin bisschen übermüdet habs gefunden und jetzt richtig gemacht
Code:
ATTFilter
22:53:16.0515 0936  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:53:16.0843 0936  ============================================================
22:53:16.0843 0936  Current date / time: 2013/02/25 22:53:16.0843
22:53:16.0843 0936  SystemInfo:
22:53:16.0843 0936  
22:53:16.0843 0936  OS Version: 5.1.2600 ServicePack: 3.0
22:53:16.0843 0936  Product type: Workstation
22:53:16.0843 0936  ComputerName: NAME-FD00PZU2N3
22:53:16.0843 0936  UserName: user
22:53:16.0843 0936  Windows directory: C:\WINDOWS
22:53:16.0843 0936  System windows directory: C:\WINDOWS
22:53:16.0843 0936  Processor architecture: Intel x86
22:53:16.0843 0936  Number of processors: 2
22:53:16.0843 0936  Page size: 0x1000
22:53:16.0843 0936  Boot type: Normal boot
22:53:16.0843 0936  ============================================================
22:53:18.0890 0936  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:53:18.0890 0936  ============================================================
22:53:18.0890 0936  \Device\Harddisk0\DR0:
22:53:18.0890 0936  MBR partitions:
22:53:18.0890 0936  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xA00684E
22:53:18.0890 0936  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA00688D, BlocksNum 0x89FE86F
22:53:18.0890 0936  ============================================================
22:53:18.0937 0936  C: <-> \Device\Harddisk0\DR0\Partition1
22:53:18.0953 0936  D: <-> \Device\Harddisk0\DR0\Partition2
22:53:18.0953 0936  ============================================================
22:53:18.0953 0936  Initialize success
22:53:18.0953 0936  ============================================================
22:57:52.0515 2404  ============================================================
22:57:52.0515 2404  Scan started
22:57:52.0515 2404  Mode: Manual; SigCheck; TDLFS; 
22:57:52.0531 2404  ============================================================
22:57:52.0984 2404  ================ Scan system memory ========================
22:57:52.0984 2404  System memory - ok
22:57:52.0984 2404  ================ Scan services =============================
22:57:53.0109 2404  Abiosdsk - ok
22:57:53.0140 2404  abp480n5 - ok
22:57:53.0265 2404  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
22:57:53.0625 2404  ACDaemon - ok
22:57:53.0687 2404  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:57:55.0484 2404  ACPI - ok
22:57:55.0562 2404  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:57:55.0859 2404  ACPIEC - ok
22:57:55.0875 2404  adpu160m - ok
22:57:55.0953 2404  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
22:57:56.0265 2404  aec - ok
22:57:56.0359 2404  [ A7B8A3A79D35215D798A300DF49ED23F ] Afc             C:\WINDOWS\system32\drivers\Afc.sys
22:57:56.0406 2404  Afc ( UnsignedFile.Multi.Generic ) - warning
22:57:56.0406 2404  Afc - detected UnsignedFile.Multi.Generic (1)
22:57:56.0437 2404  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
22:57:56.0484 2404  AFD - ok
22:57:56.0500 2404  Aha154x - ok
22:57:56.0515 2404  aic78u2 - ok
22:57:56.0531 2404  aic78xx - ok
22:57:56.0625 2404  [ 7067AC22EB74C2E3D4C950050CBB1AC0 ] ALDITALKVerbindungsassistent_Service C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
22:57:56.0687 2404  ALDITALKVerbindungsassistent_Service - ok
22:57:56.0703 2404  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
22:57:57.0000 2404  Alerter - ok
22:57:57.0078 2404  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
22:57:57.0203 2404  ALG - ok
22:57:57.0234 2404  AliIde - ok
22:57:57.0234 2404  amsint - ok
22:57:57.0296 2404  [ D6C8942BEA3698A2E7559BD423BFA5D7 ] AntiVirScheduler C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
22:57:57.0296 2404  AntiVirScheduler ( UnsignedFile.Multi.Generic ) - warning
22:57:57.0296 2404  AntiVirScheduler - detected UnsignedFile.Multi.Generic (1)
22:57:57.0328 2404  [ 335A142923FE7F97E8C8388ACD067568 ] AntiVirService  C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
22:57:57.0343 2404  AntiVirService ( UnsignedFile.Multi.Generic ) - warning
22:57:57.0343 2404  AntiVirService - detected UnsignedFile.Multi.Generic (1)
22:57:57.0421 2404  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:57:57.0468 2404  Apple Mobile Device - ok
22:57:57.0468 2404  AppMgmt - ok
22:57:57.0500 2404  [ 57C1ACB60AA2AEE0D61FAC52E9DD6D9F ] archlp          C:\WINDOWS\system32\drivers\archlp.sys
22:57:57.0515 2404  archlp - ok
22:57:57.0531 2404  asc - ok
22:57:57.0546 2404  asc3350p - ok
22:57:57.0562 2404  asc3550 - ok
22:57:57.0703 2404  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:57:57.0750 2404  aspnet_state - ok
22:57:57.0781 2404  [ 784FCB197F9A50A419D8CE4980655AE4 ] AsusACPI        C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
22:57:57.0843 2404  AsusACPI - ok
22:57:57.0875 2404  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:57:58.0265 2404  AsyncMac - ok
22:57:58.0328 2404  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
22:57:58.0671 2404  atapi - ok
22:57:58.0671 2404  Atdisk - ok
22:57:58.0765 2404  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:57:59.0046 2404  Atmarpc - ok
22:57:59.0109 2404  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
22:57:59.0390 2404  AudioSrv - ok
22:57:59.0421 2404  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
22:57:59.0687 2404  audstub - ok
22:57:59.0734 2404  [ 87828ECD657F81503465AC705E845076 ] avgio           C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys
22:57:59.0750 2404  avgio - ok
22:57:59.0796 2404  [ FCB30820BED1D3FEB55E3DD55A3F947F ] avgntflt        C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
22:57:59.0796 2404  avgntflt - ok
22:57:59.0828 2404  [ 0B09DF022250FB7BA91FB932EAC6EA9B ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
22:57:59.0843 2404  avipbb - ok
22:57:59.0890 2404  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
22:58:00.0171 2404  Beep - ok
22:58:00.0265 2404  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
22:58:00.0640 2404  BITS - ok
22:58:00.0750 2404  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
22:58:00.0812 2404  Bonjour Service - ok
22:58:00.0843 2404  [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser         C:\WINDOWS\System32\browser.dll
22:58:01.0140 2404  Browser - ok
22:58:01.0234 2404  [ FABA1418646A2B433C0BDED6FF92D2FA ] btaudio         C:\WINDOWS\system32\drivers\btaudio.sys
22:58:01.0296 2404  btaudio - ok
22:58:01.0375 2404  [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver        C:\WINDOWS\system32\DRIVERS\btport.sys
22:58:01.0390 2404  BTDriver - ok
22:58:01.0468 2404  [ AEF038061BC1CAFB4865D43A85BEB1A1 ] BTKRNL          C:\WINDOWS\system32\DRIVERS\btkrnl.sys
22:58:01.0546 2404  BTKRNL - ok
22:58:01.0640 2404  [ F20629FF9ED48EFA98FDC5D99919E8C0 ] btwdins         C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
22:58:01.0687 2404  btwdins - ok
22:58:01.0734 2404  [ 80F61DE965C116051614AC2F04222FF7 ] BTWDNDIS        C:\WINDOWS\system32\DRIVERS\btwdndis.sys
22:58:01.0765 2404  BTWDNDIS - ok
22:58:01.0781 2404  [ 949ECA9C56F657C06D3166D51F3226C7 ] btwhid          C:\WINDOWS\system32\DRIVERS\btwhid.sys
22:58:01.0796 2404  btwhid - ok
22:58:01.0843 2404  [ 179A37C86FD2B9CC28EB93D093D394C7 ] BTWUSB          C:\WINDOWS\system32\Drivers\btwusb.sys
22:58:01.0890 2404  BTWUSB - ok
22:58:01.0937 2404  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
22:58:02.0218 2404  cbidf2k - ok
22:58:02.0250 2404  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:58:02.0546 2404  CCDECODE - ok
22:58:02.0578 2404  cd20xrnt - ok
22:58:02.0640 2404  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
22:58:02.0906 2404  Cdaudio - ok
22:58:03.0000 2404  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
22:58:03.0281 2404  Cdfs - ok
22:58:03.0359 2404  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:58:03.0640 2404  Cdrom - ok
22:58:03.0656 2404  Changer - ok
22:58:03.0718 2404  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
22:58:04.0015 2404  CiSvc - ok
22:58:04.0093 2404  [ AA29A9B4B06FBEBC5918D697A97A8AC6 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
22:58:04.0125 2404  ClipSrv ( UnsignedFile.Multi.Generic ) - warning
22:58:04.0125 2404  ClipSrv - detected UnsignedFile.Multi.Generic (1)
22:58:04.0187 2404  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:58:04.0187 2404  clr_optimization_v2.0.50727_32 - ok
22:58:04.0234 2404  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:58:04.0500 2404  CmBatt - ok
22:58:04.0500 2404  CmdIde - ok
22:58:04.0578 2404  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:58:04.0859 2404  Compbatt - ok
22:58:04.0859 2404  COMSysApp - ok
22:58:04.0875 2404  Cpqarray - ok
22:58:04.0953 2404  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
22:58:05.0265 2404  CryptSvc - ok
22:58:05.0281 2404  dac2w2k - ok
22:58:05.0281 2404  dac960nt - ok
22:58:05.0390 2404  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
22:58:05.0484 2404  DcomLaunch - ok
22:58:05.0531 2404  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
22:58:05.0796 2404  Dhcp - ok
22:58:05.0875 2404  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
22:58:06.0171 2404  Disk - ok
22:58:06.0187 2404  dmadmin - ok
22:58:06.0281 2404  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
22:58:06.0562 2404  dmboot - ok
22:58:06.0640 2404  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
22:58:06.0921 2404  dmio - ok
22:58:06.0984 2404  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
22:58:07.0296 2404  dmload - ok
22:58:07.0359 2404  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
22:58:07.0625 2404  dmserver - ok
22:58:07.0718 2404  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
22:58:08.0015 2404  DMusic - ok
22:58:08.0093 2404  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
22:58:08.0171 2404  Dnscache - ok
22:58:08.0218 2404  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:58:08.0484 2404  Dot3svc - ok
22:58:08.0500 2404  dpti2o - ok
22:58:08.0578 2404  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
22:58:08.0875 2404  drmkaud - ok
22:58:08.0937 2404  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
22:58:09.0234 2404  EapHost - ok
22:58:09.0312 2404  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
22:58:09.0562 2404  ERSvc - ok
22:58:09.0656 2404  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
22:58:09.0718 2404  Eventlog - ok
22:58:09.0750 2404  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
22:58:09.0812 2404  EventSystem - ok
22:58:09.0859 2404  [ A52794C010C6DF5B4BC70C4AB5E04088 ] ewusbnet        C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
22:58:09.0921 2404  ewusbnet - ok
22:58:09.0937 2404  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
22:58:10.0031 2404  ew_hwusbdev - ok
22:58:10.0078 2404  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
22:58:10.0406 2404  Fastfat - ok
22:58:10.0500 2404  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:58:10.0562 2404  FastUserSwitchingCompatibility - ok
22:58:10.0609 2404  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
22:58:10.0953 2404  Fdc - ok
22:58:10.0968 2404  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
22:58:11.0343 2404  Fips - ok
22:58:11.0406 2404  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
22:58:11.0671 2404  Flpydisk - ok
22:58:11.0750 2404  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
22:58:12.0031 2404  FltMgr - ok
22:58:12.0125 2404  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:58:12.0140 2404  FontCache3.0.0.0 - ok
22:58:12.0171 2404  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:58:12.0500 2404  Fs_Rec - ok
22:58:12.0546 2404  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:58:12.0796 2404  Ftdisk - ok
22:58:12.0890 2404  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:58:12.0921 2404  GEARAspiWDM - ok
22:58:12.0968 2404  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:58:13.0312 2404  Gpc - ok
22:58:13.0390 2404  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:58:13.0687 2404  HDAudBus - ok
22:58:13.0781 2404  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:58:14.0046 2404  helpsvc - ok
22:58:14.0125 2404  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ         C:\WINDOWS\System32\hidserv.dll
22:58:14.0359 2404  HidServ - ok
22:58:14.0453 2404  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:58:14.0734 2404  HidUsb - ok
22:58:14.0812 2404  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
22:58:15.0062 2404  hkmsvc - ok
22:58:15.0062 2404  hpn - ok
22:58:15.0171 2404  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
22:58:15.0234 2404  HTTP - ok
22:58:15.0265 2404  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
22:58:15.0578 2404  HTTPFilter - ok
22:58:15.0625 2404  [ 1F40368DC40B17DE3FA0FBE8A9D82F9E ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
22:58:15.0734 2404  hwdatacard - ok
22:58:15.0750 2404  i2omgmt - ok
22:58:15.0765 2404  i2omp - ok
22:58:15.0796 2404  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:58:16.0125 2404  i8042prt - ok
22:58:16.0437 2404  [ 0F68E2EC713F132FFB19E45415B09679 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
22:58:16.0875 2404  ialm - ok
22:58:16.0953 2404  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:58:17.0078 2404  idsvc - ok
22:58:17.0125 2404  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
22:58:17.0406 2404  Imapi - ok
22:58:17.0453 2404  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
22:58:17.0734 2404  ImapiService - ok
22:58:17.0765 2404  ini910u - ok
22:58:18.0031 2404  [ 47C79F7E330CBB829934D00F64D55FC9 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:58:18.0437 2404  IntcAzAudAddService - ok
22:58:18.0453 2404  IntelIde - ok
22:58:18.0500 2404  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:58:18.0859 2404  intelppm - ok
22:58:18.0921 2404  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
22:58:19.0218 2404  Ip6Fw - ok
22:58:19.0296 2404  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:58:19.0578 2404  IpFilterDriver - ok
22:58:19.0593 2404  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:58:19.0875 2404  IpInIp - ok
22:58:19.0921 2404  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:58:20.0187 2404  IpNat - ok
22:58:20.0328 2404  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Programme\iPod\bin\iPodService.exe
22:58:20.0390 2404  iPod Service - ok
22:58:20.0421 2404  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:58:20.0718 2404  IPSec - ok
22:58:20.0796 2404  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
22:58:20.0906 2404  IRENUM - ok
22:58:21.0000 2404  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:58:21.0250 2404  isapnp - ok
22:58:21.0359 2404  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
22:58:21.0375 2404  IviRegMgr - ok
22:58:21.0484 2404  [ 112325F53AB720CA77825726D427FBDC ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
22:58:21.0546 2404  JavaQuickStarterService - ok
22:58:21.0609 2404  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:58:21.0968 2404  Kbdclass - ok
22:58:22.0046 2404  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
22:58:22.0328 2404  kmixer - ok
22:58:22.0390 2404  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
22:58:22.0468 2404  KSecDD - ok
22:58:22.0500 2404  [ 9EA9D6BA04629CB14260F46FF8BBD65A ] Ktp             C:\WINDOWS\system32\DRIVERS\ETD.sys
22:58:22.0578 2404  Ktp - ok
22:58:22.0625 2404  [ 303627228DD739D98289679901A38C8F ] L1e             C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
22:58:22.0656 2404  L1e - ok
22:58:22.0703 2404  [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
22:58:22.0765 2404  LanmanServer - ok
22:58:22.0812 2404  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:58:22.0890 2404  lanmanworkstation - ok
22:58:22.0921 2404  lbrtfdc - ok
22:58:23.0015 2404  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
22:58:23.0421 2404  LmHosts - ok
22:58:23.0484 2404  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
22:58:23.0500 2404  MBAMProtector - ok
22:58:23.0578 2404  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:58:23.0859 2404  MBAMScheduler - ok
22:58:23.0875 2404  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
22:58:23.0937 2404  MBAMService - ok
22:58:23.0984 2404  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
22:58:24.0375 2404  Messenger - ok
22:58:24.0437 2404  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
22:58:24.0718 2404  mnmdd - ok
22:58:24.0781 2404  [ 0F668A65FDE565D0C040FAB3B5B6CAB6 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
22:58:24.0781 2404  mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
22:58:24.0781 2404  mnmsrvc - detected UnsignedFile.Multi.Generic (1)
22:58:24.0812 2404  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
22:58:25.0078 2404  Modem - ok
22:58:25.0125 2404  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:58:25.0406 2404  Mouclass - ok
22:58:25.0453 2404  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:58:25.0734 2404  mouhid - ok
22:58:25.0796 2404  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
22:58:26.0078 2404  MountMgr - ok
22:58:26.0187 2404  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
22:58:26.0218 2404  MozillaMaintenance - ok
22:58:26.0218 2404  mraid35x - ok
22:58:26.0281 2404  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:58:26.0546 2404  MRxDAV - ok
22:58:26.0609 2404  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:58:26.0718 2404  MRxSmb - ok
22:58:26.0765 2404  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
22:58:27.0046 2404  MSDTC - ok
22:58:27.0125 2404  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:58:27.0406 2404  Msfs - ok
22:58:27.0406 2404  MSIServer - ok
22:58:27.0500 2404  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:58:27.0781 2404  MSKSSRV - ok
22:58:27.0843 2404  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:58:28.0093 2404  MSPCLOCK - ok
22:58:28.0156 2404  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
22:58:28.0468 2404  MSPQM - ok
22:58:28.0546 2404  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:58:28.0828 2404  mssmbios - ok
22:58:28.0890 2404  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
22:58:29.0156 2404  MSTEE - ok
22:58:29.0234 2404  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
22:58:29.0281 2404  Mup - ok
22:58:29.0312 2404  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:58:29.0593 2404  NABTSFEC - ok
22:58:29.0640 2404  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
22:58:29.0953 2404  napagent - ok
22:58:30.0031 2404  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
22:58:30.0343 2404  NDIS - ok
22:58:30.0406 2404  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:58:30.0656 2404  NdisIP - ok
22:58:30.0718 2404  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:58:30.0750 2404  NdisTapi - ok
22:58:30.0796 2404  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:58:31.0078 2404  Ndisuio - ok
22:58:31.0109 2404  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:58:31.0343 2404  NdisWan - ok
22:58:31.0406 2404  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
22:58:31.0484 2404  NDProxy - ok
22:58:31.0531 2404  [ 1352E1648213551923A0A822E441553C ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl.sys
22:58:31.0593 2404  Netaapl - ok
22:58:31.0640 2404  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
22:58:31.0937 2404  NetBIOS - ok
22:58:32.0046 2404  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
22:58:32.0375 2404  NetBT - ok
22:58:32.0437 2404  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
22:58:32.0734 2404  NetDDE - ok
22:58:32.0765 2404  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
22:58:33.0046 2404  NetDDEdsdm - ok
22:58:33.0109 2404  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
22:58:33.0390 2404  Netlogon - ok
22:58:33.0453 2404  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
22:58:33.0734 2404  Netman - ok
22:58:33.0781 2404  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:58:33.0812 2404  NetTcpPortSharing - ok
22:58:33.0859 2404  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
22:58:33.0906 2404  Nla - ok
22:58:33.0953 2404  [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm              C:\WINDOWS\system32\DRIVERS\NMnt.sys
22:58:34.0203 2404  nm - ok
22:58:34.0265 2404  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
22:58:34.0515 2404  Npfs - ok
22:58:34.0609 2404  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
22:58:34.0906 2404  Ntfs - ok
22:58:34.0968 2404  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
22:58:35.0203 2404  NtLmSsp - ok
22:58:35.0281 2404  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
22:58:35.0562 2404  NtmsSvc - ok
22:58:35.0671 2404  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
22:58:35.0937 2404  Null - ok
22:58:36.0015 2404  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:58:36.0281 2404  NwlnkFlt - ok
22:58:36.0296 2404  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:58:36.0562 2404  NwlnkFwd - ok
22:58:36.0703 2404  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
22:58:36.0750 2404  odserv - ok
22:58:36.0812 2404  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
22:58:36.0843 2404  ose - ok
22:58:36.0859 2404  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
22:58:37.0203 2404  Parport - ok
22:58:37.0281 2404  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
22:58:37.0578 2404  PartMgr - ok
22:58:37.0656 2404  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
22:58:37.0921 2404  ParVdm - ok
22:58:38.0000 2404  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
22:58:38.0265 2404  PCI - ok
22:58:38.0281 2404  PCIDump - ok
22:58:38.0296 2404  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
22:58:38.0546 2404  PCIIde - ok
22:58:38.0640 2404  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
22:58:38.0937 2404  Pcmcia - ok
22:58:38.0937 2404  PDCOMP - ok
22:58:38.0953 2404  PDFRAME - ok
22:58:38.0968 2404  PDRELI - ok
22:58:38.0984 2404  PDRFRAME - ok
22:58:39.0015 2404  perc2 - ok
22:58:39.0015 2404  perc2hib - ok
22:58:39.0093 2404  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
22:58:39.0125 2404  PlugPlay - ok
22:58:39.0140 2404  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
22:58:39.0406 2404  PolicyAgent - ok
22:58:39.0453 2404  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:58:39.0750 2404  PptpMiniport - ok
22:58:39.0796 2404  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:58:40.0078 2404  ProtectedStorage - ok
22:58:40.0140 2404  [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\WINDOWS\system32\PSIService.exe
22:58:40.0171 2404  ProtexisLicensing - ok
22:58:40.0187 2404  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
22:58:40.0437 2404  PSched - ok
22:58:40.0515 2404  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:58:40.0812 2404  Ptilink - ok
22:58:40.0890 2404  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:58:40.0906 2404  PxHelp20 - ok
22:58:40.0921 2404  ql1080 - ok
22:58:40.0937 2404  Ql10wnt - ok
22:58:40.0953 2404  ql12160 - ok
22:58:40.0953 2404  ql1240 - ok
22:58:40.0968 2404  ql1280 - ok
22:58:41.0015 2404  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:58:41.0281 2404  RasAcd - ok
22:58:41.0359 2404  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
22:58:41.0625 2404  RasAuto - ok
22:58:41.0687 2404  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:58:41.0968 2404  Rasl2tp - ok
22:58:42.0046 2404  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
22:58:42.0328 2404  RasMan - ok
22:58:42.0359 2404  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:58:42.0625 2404  RasPppoe - ok
22:58:42.0671 2404  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
22:58:43.0000 2404  Raspti - ok
22:58:43.0093 2404  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:58:43.0453 2404  Rdbss - ok
22:58:43.0484 2404  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:58:43.0843 2404  RDPCDD - ok
22:58:43.0953 2404  [ 5B3055DAA788BD688594D2F5981F2A83 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
22:58:43.0984 2404  RDPWD - ok
22:58:44.0046 2404  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
22:58:44.0328 2404  RDSessMgr - ok
22:58:44.0421 2404  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
22:58:44.0437 2404  RealNetworks Downloader Resolver Service - ok
22:58:44.0500 2404  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
22:58:44.0750 2404  redbook - ok
22:58:44.0843 2404  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
22:58:45.0093 2404  RemoteAccess - ok
22:58:45.0171 2404  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
22:58:45.0437 2404  ROOTMODEM - ok
22:58:45.0500 2404  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
22:58:45.0812 2404  RpcLocator - ok
22:58:45.0906 2404  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
22:58:45.0968 2404  RpcSs - ok
22:58:46.0015 2404  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
22:58:46.0281 2404  RSVP - ok
22:58:46.0390 2404  [ 162D6AEE49372B9CE17C418CC5CDE7B5 ] RT80x86         C:\WINDOWS\system32\DRIVERS\RT2860.sys
22:58:46.0500 2404  RT80x86 - ok
22:58:46.0531 2404  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
22:58:46.0812 2404  SamSs - ok
22:58:46.0875 2404  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
22:58:47.0203 2404  SCardSvr - ok
22:58:47.0312 2404  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
22:58:47.0546 2404  Schedule - ok
22:58:47.0578 2404  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:58:47.0703 2404  Secdrv - ok
22:58:47.0750 2404  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
22:58:48.0015 2404  seclogon - ok
22:58:48.0109 2404  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
22:58:48.0328 2404  SENS - ok
22:58:48.0390 2404  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
22:58:48.0718 2404  Serial - ok
22:58:48.0781 2404  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\DRIVERS\sfloppy.sys
22:58:49.0046 2404  Sfloppy - ok
22:58:49.0140 2404  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
22:58:49.0406 2404  SharedAccess - ok
22:58:49.0468 2404  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:58:49.0515 2404  ShellHWDetection - ok
22:58:49.0531 2404  Simbad - ok
22:58:49.0578 2404  [ 011E958267FEB6ED72F1BFA80072943C ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
22:58:49.0609 2404  SkypeUpdate - ok
22:58:49.0656 2404  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:58:49.0937 2404  SLIP - ok
22:58:49.0953 2404  Sparrow - ok
22:58:50.0046 2404  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
22:58:50.0343 2404  splitter - ok
22:58:50.0421 2404  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
22:58:50.0468 2404  Spooler - ok
22:58:50.0515 2404  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
22:58:50.0640 2404  sr - ok
22:58:50.0718 2404  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
22:58:50.0828 2404  srservice - ok
22:58:50.0921 2404  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
22:58:51.0015 2404  Srv - ok
22:58:51.0062 2404  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
22:58:51.0218 2404  SSDPSRV - ok
22:58:51.0296 2404  [ 71D609C5DFF067906D930BDE031C4CFE ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
22:58:51.0312 2404  ssmdrv ( UnsignedFile.Multi.Generic ) - warning
22:58:51.0312 2404  ssmdrv - detected UnsignedFile.Multi.Generic (1)
22:58:51.0375 2404  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
22:58:51.0687 2404  stisvc - ok
22:58:51.0765 2404  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:58:52.0015 2404  streamip - ok
22:58:52.0093 2404  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
22:58:52.0359 2404  swenum - ok
22:58:52.0421 2404  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
22:58:52.0703 2404  swmidi - ok
22:58:52.0703 2404  SwPrv - ok
22:58:52.0718 2404  symc810 - ok
22:58:52.0734 2404  symc8xx - ok
22:58:52.0750 2404  sym_hi - ok
22:58:52.0765 2404  sym_u3 - ok
22:58:52.0812 2404  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
22:58:53.0062 2404  sysaudio - ok
22:58:53.0125 2404  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
22:58:53.0406 2404  SysmonLog - ok
22:58:53.0500 2404  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
22:58:53.0812 2404  TapiSrv - ok
22:58:53.0859 2404  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:58:53.0890 2404  Tcpip - ok
22:58:53.0937 2404  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
22:58:54.0203 2404  TDPIPE - ok
22:58:54.0218 2404  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
22:58:54.0484 2404  TDTCP - ok
22:58:54.0546 2404  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
22:58:54.0812 2404  TermDD - ok
22:58:54.0875 2404  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
22:58:55.0156 2404  TermService - ok
22:58:55.0234 2404  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
22:58:55.0281 2404  Themes - ok
22:58:55.0296 2404  TosIde - ok
22:58:55.0343 2404  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
22:58:55.0625 2404  TrkWks - ok
22:58:55.0656 2404  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
22:58:55.0953 2404  Udfs - ok
22:58:55.0953 2404  ultra - ok
22:58:56.0062 2404  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
22:58:56.0359 2404  Update - ok
22:58:56.0468 2404  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:58:56.0593 2404  upnphost - ok
22:58:56.0609 2404  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
22:58:56.0875 2404  UPS - ok
22:58:56.0953 2404  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
22:58:56.0968 2404  USBAAPL ( UnsignedFile.Multi.Generic ) - warning
22:58:56.0968 2404  USBAAPL - detected UnsignedFile.Multi.Generic (1)
22:58:57.0031 2404  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:58:57.0281 2404  usbccgp - ok
22:58:57.0328 2404  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:58:57.0578 2404  usbehci - ok
22:58:57.0625 2404  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:58:57.0859 2404  usbhub - ok
22:58:57.0921 2404  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:58:58.0187 2404  usbscan - ok
22:58:58.0265 2404  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:58:58.0578 2404  usbstor - ok
22:58:58.0656 2404  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:58:58.0890 2404  usbuhci - ok
22:58:58.0968 2404  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
22:58:59.0234 2404  usbvideo - ok
22:58:59.0281 2404  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
22:58:59.0515 2404  VgaSave - ok
22:58:59.0531 2404  ViaIde - ok
22:58:59.0609 2404  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
22:58:59.0890 2404  VolSnap - ok
22:58:59.0984 2404  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
22:59:00.0109 2404  VSS - ok
22:59:00.0203 2404  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
22:59:00.0468 2404  W32Time - ok
22:59:00.0531 2404  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:59:00.0796 2404  Wanarp - ok
22:59:00.0875 2404  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
22:59:00.0921 2404  Wdf01000 - ok
22:59:00.0937 2404  WDICA - ok
22:59:01.0000 2404  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
22:59:01.0296 2404  wdmaud - ok
22:59:01.0359 2404  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:59:01.0640 2404  WebClient - ok
22:59:01.0703 2404  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
22:59:01.0984 2404  winmgmt - ok
22:59:02.0078 2404  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
22:59:02.0125 2404  WmdmPmSN - ok
22:59:02.0171 2404  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:59:02.0421 2404  WmiApSrv - ok
22:59:02.0531 2404  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
22:59:02.0796 2404  wscsvc - ok
22:59:02.0875 2404  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:59:03.0140 2404  WSTCODEC - ok
22:59:03.0234 2404  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
22:59:03.0500 2404  wuauserv - ok
22:59:03.0578 2404  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:59:03.0640 2404  WudfPf - ok
22:59:03.0671 2404  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:59:03.0734 2404  WudfRd - ok
22:59:03.0765 2404  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
22:59:03.0796 2404  WudfSvc - ok
22:59:03.0843 2404  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
22:59:04.0156 2404  WZCSVC - ok
22:59:04.0234 2404  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
22:59:04.0546 2404  xmlprov - ok
22:59:04.0578 2404  ================ Scan global ===============================
22:59:04.0687 2404  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
22:59:04.0703 2404  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
22:59:04.0750 2404  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
22:59:04.0765 2404  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
22:59:04.0765 2404  [Global] - ok
22:59:04.0765 2404  ================ Scan MBR ==================================
22:59:04.0796 2404  [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0
22:59:05.0109 2404  \Device\Harddisk0\DR0 - ok
22:59:05.0109 2404  ================ Scan VBR ==================================
22:59:05.0125 2404  [ 412E605D63C78DBD70CCBB277E9EC288 ] \Device\Harddisk0\DR0\Partition1
22:59:05.0125 2404  \Device\Harddisk0\DR0\Partition1 - ok
22:59:05.0171 2404  [ 57EED6C3A17F27569B640362533DF957 ] \Device\Harddisk0\DR0\Partition2
22:59:05.0171 2404  \Device\Harddisk0\DR0\Partition2 - ok
22:59:05.0187 2404  ============================================================
22:59:05.0187 2404  Scan finished
22:59:05.0187 2404  ============================================================
22:59:05.0359 0556  Detected object count: 7
22:59:05.0359 0556  Actual detected object count: 7
22:59:55.0062 0556  Afc ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:55.0062 0556  Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:55.0062 0556  AntiVirScheduler ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:55.0062 0556  AntiVirScheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:55.0062 0556  AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:55.0062 0556  AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:55.0078 0556  ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:55.0078 0556  ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:55.0078 0556  mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:55.0078 0556  mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:55.0078 0556  ssmdrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:55.0078 0556  ssmdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:59:55.0093 0556  USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
22:59:55.0093 0556  USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:00:07.0015 2748  Deinitialize success
         

Alt 25.02.2013, 23:00   #12
markusg
/// Malware-holic
 
Bundestrojaner - Standard

Bundestrojaner



hi kannst du deine Dokumente bilder, etc öffnen?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 26.02.2013, 14:23   #13
einrapunzel
 
Bundestrojaner - Standard

Bundestrojaner



Hey, ja kann alles öffnen.Muss ich jetzt noch irgendwas machen oder beachten?

Alt 26.02.2013, 15:56   #14
markusg
/// Malware-holic
 
Bundestrojaner - Standard

Bundestrojaner



hi
nutzt du das gerät für Onlinebanking, zum einkaufen, für sonstige Zahlungsabwicklungen, oder ähnlich wichtigem, wie beruflichem?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 26.02.2013, 22:33   #15
einrapunzel
 
Bundestrojaner - Standard

Bundestrojaner



Nee, habs nur leihweise von nem Bekannten, nutz es eigentlich nur für meine Emails

Antwort

Themen zu Bundestrojaner
bundes, bundestrojaner, desktop.ini, fix, runtergeladen, scan




Ähnliche Themen: Bundestrojaner


  1. Bundestrojaner auf 2.ten Pc
    Plagegeister aller Art und deren Bekämpfung - 26.06.2015 (18)
  2. Bundestrojaner ?
    Log-Analyse und Auswertung - 01.01.2015 (1)
  3. Bundestrojaner
    Plagegeister aller Art und deren Bekämpfung - 22.10.2013 (9)
  4. Bundestrojaner
    Plagegeister aller Art und deren Bekämpfung - 13.08.2013 (13)
  5. Bundestrojaner
    Plagegeister aller Art und deren Bekämpfung - 28.01.2013 (27)
  6. GVU Bundestrojaner
    Plagegeister aller Art und deren Bekämpfung - 18.12.2012 (5)
  7. GVU - Bundestrojaner
    Plagegeister aller Art und deren Bekämpfung - 02.12.2012 (15)
  8. Bundestrojaner
    Log-Analyse und Auswertung - 23.11.2012 (2)
  9. Bundestrojaner will 100€
    Log-Analyse und Auswertung - 21.11.2012 (34)
  10. Bundestrojaner
    Plagegeister aller Art und deren Bekämpfung - 10.11.2012 (13)
  11. Bundestrojaner
    Log-Analyse und Auswertung - 27.09.2012 (31)
  12. Bundestrojaner
    Log-Analyse und Auswertung - 09.09.2012 (2)
  13. Bundestrojaner
    Plagegeister aller Art und deren Bekämpfung - 15.04.2012 (1)
  14. Bundestrojaner
    Log-Analyse und Auswertung - 25.03.2012 (3)
  15. Bundestrojaner
    Log-Analyse und Auswertung - 09.03.2012 (15)
  16. Bundestrojaner
    Plagegeister aller Art und deren Bekämpfung - 07.03.2012 (11)
  17. Bundestrojaner
    Log-Analyse und Auswertung - 14.02.2012 (22)

Zum Thema Bundestrojaner - Habe mir Otl runtergeladen und den Scan sowie den Fix gemacht, wie geh ich jetzt weiter vor? - Bundestrojaner...
Archiv
Du betrachtest: Bundestrojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.