Pests of all kinds and how to combat them: PC Performer Manager (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
12.04.2013, 16:23 | #1 |
| PC Performer Manager
Hello forum community,
Spybot Search and Destroy found the file pcmngr.exe on my system and classified it as a threat. After following the path, I found that the file is part of PC Performer Manager. I deleted pcmngr.exe with Malwarebytes Anti-Malware, and since then the message no longer appears. After another scan with Malwarebytes Anti-Malware, no further threat was found.
I have noticed that my computer has become somewhat slower (already before the detection), but that may also be due to its age. Otherwise there are no suspicious changes.
The path of the file: C:\ Dokumente und Einstellungen \ All Users \ Anwendungsdaten \ PC Performer Manager
My question is: should I delete the PC Performer Manager file that is still present, and if so, how?
Thanks for your help! |
13.04.2013, 16:19 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer Manager Hello and
Quote:
Such information is not sufficient; please post the complete information/logs from the virus scanners, see http://www.trojaner-board.de/125889-...tml#post941520
Please post everything in CODE tags here where possible. Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows: |
14.04.2013, 13:30 | #3 |
| PC Performer Manager
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.12.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
xxxxxxxxx :: D63E0FC3CE2B498 [Administrator]

14.04.2013 09:59:21
mbam-log-2013-04-14 (09-59-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 249716
Laufzeit: 3 Stunde(n), 37 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:24 on 14/04/2013 (xxx)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
Code:
ATTFilter OTL logfile created on: 14.04.2013 14:42:52 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\xxxxxxxxxx\Eigene Dateien\Downloads\Sonstiges\Antivirenprogramme Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,66% Memory free 5,85 Gb Paging File | 5,37 Gb Available in Paging File | 91,76% Paging File free Paging file location(s): c:\pagefile.sys 8188 8188 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 37,11 Gb Total Space | 11,13 Gb Free Space | 29,99% Space Free | Partition Type: NTFS Drive D: | 37,41 Gb Total Space | 36,30 Gb Free Space | 97,03% Space Free | Partition Type: NTFS Computer Name: D63E0FC3CE2B498 | User Name: xxx | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.04.12 21:15:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Downloads\Sonstiges\Antivirenprogramme\OTL.exe PRC - [2013.04.12 15:47:02 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.04.12 15:46:05 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2013.04.12 15:46:02 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.04.12 15:45:54 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2013.04.12 15:45:52 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.04.01 12:59:32 | 001,646,216 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe PRC - [2013.03.06 19:53:05 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2012.07.03 10:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy_neu\TeaTimer.exe PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004.05.24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe PRC - [2002.06.18 18:44:20 | 000,046,592 | ---- | M] (Avance Logic, Inc.) -- C:\WINDOWS\SOUNDMAN.EXE PRC - [2002.04.24 03:04:32 | 000,290,816 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\AiO\Shared\Bin\hposts07.exe PRC - [2002.04.24 02:50:00 | 000,299,008 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\AiO\Shared\Bin\hpoevm07.exe PRC - [2002.04.24 02:28:32 | 000,487,484 | ---- | M] (Hewlett-Packard Co.) 
-- C:\Programme\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe PRC - [2001.07.03 10:17:04 | 000,065,536 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe PRC - [2001.07.03 10:11:52 | 000,057,344 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe ========== Modules (No Company Name) ========== MOD - [2013.04.12 15:47:12 | 000,397,704 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2013.03.06 10:57:59 | 002,232,272 | ---- | M] () -- c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Performer Manager\2.6.1125.80\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll MOD - [2009.02.27 17:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU MOD - [2002.04.24 03:23:40 | 000,028,672 | ---- | M] () -- C:\Programme\Hewlett-Packard\AiO\Shared\Bin\hpopxs07.dll MOD - [2001.07.03 10:17:06 | 000,024,576 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll MOD - [2001.07.03 10:17:04 | 000,065,536 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013.04.12 15:47:02 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.04.12 15:46:05 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2013.04.12 15:45:54 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.03.06 19:53:05 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2004.05.24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013.04.12 15:47:46 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2013.04.12 15:47:46 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.04.12 15:47:46 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.04.12 15:47:46 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2010.01.17 21:15:33 | 000,108,032 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV62.sys -- (SSHDRV62) DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004.08.03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC) DRV - [2004.06.02 13:19:00 | 000,038,705 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K) DRV - [2004.06.02 13:17:56 | 000,151,985 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit) DRV - [2004.05.20 08:45:20 | 000,068,950 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP) DRV - [2004.05.20 08:41:54 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint) DRV - [2004.05.20 08:39:42 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps) DRV - [2004.05.20 08:21:10 | 000,036,918 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam) DRV - [2002.06.21 19:26:22 | 000,655,596 | ---- | M] (Avance Logic, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2002.04.19 02:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2001.08.17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {54EB54F1-271F-452C-A0C2-4FD6E6836667} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{54EB54F1-271F-452C-A0C2-4FD6E6836667}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.gmx.net IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {54EB54F1-271F-452C-A0C2-4FD6E6836667} IE - HKCU\..\SearchScopes\{7DB02800-4267-4367-BC3E-6140AC9B0A58}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=c38efc55-424e-4693-b841-809c35493fe8&apn_sauid=E6B020F3-53A3-4067-9566-7CDB9549B68A IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer 
Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Programme\Web Assistant\Firefox [2012.12.09 15:18:37 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.20 08:26:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.google.com CHR - Extension: No name found = C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\ CHR - Extension: No name found = C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2013.04.11 19:46:45 | 000,446,713 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 
1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 15338 more lines... O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found. O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy_neu\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard) O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Avance Logic, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" File not found O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy_neu\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnceEx: [] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy_neu\SDHelper.dll (Safer Networking Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. 
KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1284568858303 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346448354968 (MUWebControl Class) O16 - DPF: {DF6504AC-3EFE-4287-B259-FB299B069C95} https://img.web.de/v/mail/activex/fa_os_mms/upload_1141.cab (WEBDE Fotoalbum Upload Control) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4651F23D-E49B-49DA-A501-DF3B0F7BD325}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll) - c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Performer Manager\2.6.1125.80\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.10.12 10:15:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{2ed2df72-b710-11de-809e-0010dcdb8abc}\Shell - "" = AutoRun O33 - MountPoints2\{2ed2df72-b710-11de-809e-0010dcdb8abc}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{2ed2df72-b710-11de-809e-0010dcdb8abc}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* 
O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.04.14 13:42:19 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Alexander Nelle\Recent [2013.04.13 09:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2013.04.13 09:22:35 | 000,000,000 | ---D | C] -- C:\Programme\MSBuild [2013.04.13 09:22:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2013.04.13 09:22:05 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies [2013.04.13 09:20:54 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2013.04.13 09:20:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [2013.04.13 09:20:53 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2013.04.13 09:20:53 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2013.04.13 09:20:52 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2013.04.13 09:20:52 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2013.04.12 16:02:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\DoNotTrackPlus [2013.04.12 16:02:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\CallingID [2013.04.12 16:02:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\AskToolbar [2013.04.12 16:00:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Avira [2013.04.12 15:56:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale 
Einstellungen\Anwendungsdaten\AskToolbar [2013.04.12 15:55:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira [2013.04.12 15:54:43 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com [2013.04.12 15:54:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\AskToolbar [2013.04.12 15:53:54 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2013.04.12 15:53:52 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys [2013.04.12 15:53:52 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2013.04.12 15:53:52 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2013.04.12 15:53:46 | 000,000,000 | ---D | C] -- C:\Programme\Avira [2013.04.12 15:53:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2013.04.07 19:25:45 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker [2013.04.07 19:19:27 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2013.04.07 19:18:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2013.04.07 12:08:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2013.04.07 12:08:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013.04.07 12:08:54 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2013.04.05 17:38:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Ordner HP Share-to-Web [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.14 14:50:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2013.04.14 
14:40:35 | 000,448,470 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.04.14 14:40:35 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.04.14 14:40:35 | 000,079,910 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.04.14 14:40:35 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.04.14 14:36:17 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.04.14 14:36:10 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-xxx-Startup.job [2013.04.14 14:36:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.04.14 14:08:08 | 000,001,108 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.04.14 11:27:37 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013.04.14 11:27:34 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013.04.13 09:45:01 | 000,122,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.04.12 16:29:27 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2013.04.12 15:55:36 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2013.04.12 15:47:46 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys [2013.04.12 15:47:46 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2013.04.12 15:47:46 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2013.04.12 15:47:46 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2013.04.11 20:47:00 | 015,425,536 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mbb [2013.04.11 20:47:00 | 006,408,192 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mb [2013.04.11 19:46:45 | 000,446,713 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2013.04.11 19:06:30 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.04.06 19:36:35 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2013.04.06 17:56:30 | 000,446,345 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130411-194645.backup [2013.04.06 17:06:03 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013.04.06 15:25:29 | 000,446,345 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130406-175630.backup [2013.04.05 21:05:23 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013.03.31 10:48:55 | 000,446,345 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130406-152529.backup [2013.03.29 21:49:06 | 000,150,528 | ---- | M] () -- C:\temp.raw [2013.03.29 18:06:07 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2013.03.29 18:05:39 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2013.03.29 16:46:16 | 000,000,838 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PDF-Viewer.lnk [2013.03.29 11:41:34 | 000,446,345 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130331-104855.backup [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.12 15:55:36 | 000,001,671 | ---- | C] () 
-- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2013.04.12 15:55:21 | 000,000,246 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2013.04.07 12:09:00 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.21 22:03:05 | 000,007,670 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\.freeciv-client-rc-2.3 [2012.09.20 21:50:44 | 000,000,136 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2012.06.07 21:43:31 | 000,003,307 | ---- | C] () -- C:\WINDOWS\wininit.ini [2012.02.15 11:29:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.12.09 21:28:43 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2011.12.03 21:10:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.11.25 20:45:29 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL [2010.10.02 19:42:32 | 000,040,721 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\.jose.user.preferences [2010.09.26 15:34:57 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2010.07.15 17:37:30 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\sversion.ini [2010.02.03 21:41:39 | 000,005,095 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xnwfyhdk.mld [2009.10.15 20:21:17 | 000,016,384 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2013.04.07 19:19:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = 
%SystemRoot%\system32\shdocvw.dll -- [2010.06.24 14:10:50 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Dokumente und Einstellungen\xxx\Desktop\Aktuelles.doc:SummaryInformation

< End of report >

Code:
OTL Extras logfile created on: 12.04.2013 21:19:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Downloads\Sonstiges
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,44% Memory free
5,85 Gb Paging File | 5,20 Gb Available in Paging File | 88,85% Paging File free
Paging file location(s): c:\pagefile.sys 8188 8188 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,11 Gb Total Space | 11,89 Gb Free Space | 32,04% Space Free | Partition Type: NTFS
Drive D: | 37,41 Gb Total Space | 36,30 Gb Free Space | 97,04% Space Free | Partition Type: NTFS

Computer Name: D63E0FC3CE2B498 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009 ========== Authorized Applications List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- () "C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temporary Internet Files\Content.IE5\6W6NRN68\SweetImSetup[1].exe" = C:\Dokumente und Einstellungen\Alexander Nelle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\6W6NRN68\SweetImSetup[1].exe:*:Enabled:SweetIM Installer "C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation) "C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Freeciv-2.3.2-gtk2\freeciv-server.exe" = C:\Dokumente und Einstellungen\Alexander Nelle\Lokale Einstellungen\Anwendungsdaten\Freeciv-2.3.2-gtk2\freeciv-server.exe:*:Enabled:freeciv-server ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = 
Notifier "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}" = VCAMCEN "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD "{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = bProtector for Windows "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex "{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK "{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2 "{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM "{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4F677FC7-7AA8-412B-A957-F13CBE1C7331}" = ESSSONIC "{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81 "{55FA89BD-21D3-42F7-9249-C94C0094A83C}" = Apple Software Update "{5B2C4D32-A7CD-44B0-8619-4ADBE301B2D3}" = pdfforge Toolbar v5.8 "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH "{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Power Cinema "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT "{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}" = HLPSFO "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini 
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp "{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore "{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2 "{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer "{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom "{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht "{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.4 - Deutsch "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK "{B02A7816-AA3D-4BCB-9FEC-3ED4D5CC6E5C}" = Royal Skat "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore "{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU "{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR "{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector Pro "{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F0BA5720-E189-11D4-9EA1-0050BAE317E1}" = PowerVCR II "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}" = HLPCCTR "{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock "{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}" = ESSEMAIL "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "ANSTOSS 3_is1" = ANSTOSS 3 "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner 
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00 "HP Fotodruck-Programm" = HP Fotodruck-Programm "hp psc 700 series 1256489411" = hp psc 700 series "hp psc 700 series 1290890653" = hp psc 700 series - 2 "ie8" = Windows Internet Explorer 8 "IrfanView" = IrfanView (remove only) "jose-chess" = jose "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300 "MediaShow" = Medi@Show "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "MSNINST" = MSN "NMPUninstallKey" = Ahead NeroMediaPlayer "PDF Blender" = PDF Blender "VideoLive Mail" = VideoLive Mail 4.0 "VLC media player" = VLC media player 0.9.4 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12.04.2013 09:58:01 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung SaUpdate.exe, Version 0.0.0.0, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb7456. Error - 12.04.2013 10:24:14 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb74b2. Error - 12.04.2013 15:15:34 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb74b2. 
[ Application Events ] Error - 12.04.2013 09:58:01 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung SaUpdate.exe, Version 0.0.0.0, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb7456. Error - 12.04.2013 10:24:14 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb74b2. Error - 12.04.2013 15:15:34 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb74b2. [ System Events ] Error - 01.04.2013 04:57:10 | Computer Name = D63E0FC3CE2B498 | Source = W32Time | ID = 39452701 Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. Error - 06.04.2013 11:06:04 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842813 Description = Syntaxfehler in Manifest- oder Richtliniendatei "C:\Programme\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" in Zeile 2. Das erforderliche Attribut version fehlt in Element assemblyIdentity. Error - 06.04.2013 11:06:04 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842810 Description = Syntaxfehler in der Manifest- oder Richtliniendatei "C:\Programme\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" in Zeile 2. 
Error - 06.04.2013 11:06:04 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842811 Description = Generate Activation Context ist für C:\Programme\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest fehlgeschlagen. Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet. . Error - 06.04.2013 11:06:05 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842813 Description = Syntaxfehler in Manifest- oder Richtliniendatei "C:\Programme\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" in Zeile 2. Das erforderliche Attribut version fehlt in Element assemblyIdentity. Error - 06.04.2013 11:06:05 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842810 Description = Syntaxfehler in der Manifest- oder Richtliniendatei "C:\Programme\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" in Zeile 2. Error - 06.04.2013 11:06:05 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842811 Description = Generate Activation Context ist für C:\Programme\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest fehlgeschlagen. Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet. . Error - 07.04.2013 13:40:31 | Computer Name = D63E0FC3CE2B498 | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Starten Sie den Dienst neu.. Error - 11.04.2013 13:07:44 | Computer Name = D63E0FC3CE2B498 | Source = W32Time | ID = 39452689 Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. 
(0x80072751)

Error - 11.04.2013 13:07:44 | Computer Name = D63E0FC3CE2B498 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 13 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit.

< End of report >

Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-14 17:12:26
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST380022A rev.3.30 74,53GB
Running: gmer_2.1.19163.exe; Driver: C:\DOKUME~1\xxx\LOKALE~1\Temp\awgdraod.sys

---- System - GMER 2.1 ----

SSDT B53AE3E4 ZwClose
SSDT B53AE39E ZwCreateKey
SSDT B53AE3EE ZwCreateSection
SSDT B53AE394 ZwCreateThread
SSDT B53AE3A3 ZwDeleteKey
SSDT B53AE3AD ZwDeleteValueKey
SSDT B53AE3DF ZwDuplicateObject
SSDT B53AE3B2 ZwLoadKey
SSDT B53AE380 ZwOpenProcess
SSDT B53AE385 ZwOpenThread
SSDT B53AE407 ZwQueryValueKey
SSDT B53AE3BC ZwReplaceKey
SSDT B53AE3F8 ZwRequestWaitReplyPort
SSDT B53AE3B7 ZwRestoreKey
SSDT B53AE3F3 ZwSetContextThread
SSDT B53AE3FD ZwSetSecurityObject
SSDT B53AE3A8 ZwSetValueKey
SSDT B53AE402 ZwSystemDebugControl
SSDT B53AE38F ZwTerminateProcess

---- User code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\svchost.exe[688] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
.text C:\WINDOWS\system32\winlogon.exe[740] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
.text C:\WINDOWS\system32\services.exe[784] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
.text C:\WINDOWS\system32\lsass.exe[796] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
.text C:\WINDOWS\system32\svchost.exe[956] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
.text ...
.text C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 4126DB04 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 4136727F C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 413671B1 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 4136721C C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 41367082 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 413670E4 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 413672E2 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 41367146 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 4119550D C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 41269A95 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 4125D10D C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 4126DB04 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 411D4674 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] 
USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 4136727F C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 413671B1 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 4136721C C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 41367082 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 413670E4 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 413672E2 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 41367146 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] ole32.dll!CoCreateInstance 774CF1BC 5 Bytes JMP 4126DB60 C:\WINDOWS\system32\IEFRAME.dll .text C:\Programme\Internet Explorer\iexplore.exe[2504] ole32.dll!OleLoadFromStream 774F983B 5 Bytes JMP 41367600 C:\WINDOWS\system32\IEFRAME.dll .text C:\WINDOWS\System32\svchost.exe[2832] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll .text C:\Programme\Windows Media Player\WMPNetwk.exe[3448] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll .text C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Downloads\Sonstiges\Antivirenprogramme\gmer_2.1.19163.exe[3688] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll ---- User IAT/EAT - GMER 2.1 ---- IAT C:\WINDOWS\system32\svchost.exe[688] @ C:\WINDOWS\system32\svchost.exe 
[KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\svchost.exe[688] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\svchost.exe[688] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [10009A50] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtOpenFile] [10009BC0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtQueryValueKey] [1000DAC0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtSetValueKey] [1000DB30] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtCreateKey] [1000DBA0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll IAT C:\WINDOWS\system32\services.exe[784] @ 
C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [10009A50] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtCreateKey] [1000DBA0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryValueKey] [1000DAC0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtSetValueKey] [1000DB30] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteValueKey] [1000DDA0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtEnumerateKey] [1000D9E0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteKey] [1000DD50] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtSetInformationFile] [10009D70] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryInformationFile] [10009440] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteFile] [10009D20] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtOpenFile] [10009BC0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryKey] [10009400] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[956] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[956] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[956] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\System32\svchost.exe[1144] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\System32\svchost.exe[1144] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\System32\svchost.exe[1144] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1256] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1256] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1256] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1400] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1400] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1400] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\Explorer.EXE[1496] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\Explorer.EXE[1496] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [10009A50] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1852] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1852] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\system32\svchost.exe[1852] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\System32\svchost.exe[2832] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\System32\svchost.exe[2832] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
IAT C:\WINDOWS\System32\svchost.exe[2832] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
---- Devices - GMER 2.1 ----
Device \Driver\BTHUSB \Device\00000066 bthport.sys
Device \Driver\BTHUSB \Device\00000068 bthport.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001060a94821 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001060a94821@00265d50b7d2 0xC0 0x93 0x43 0xAF ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060a94821
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001060a94821 (not active ControlSet)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\Usage@CallingID 1116604913
---- EOF - GMER 2.1 ----
Last edited by Alessandro77 (14.04.2013 at 14:22) |
15.04.2013, 11:22 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer Manager Why are you only posting an MBAM log without any detections? Where are the MBAM logs with detections? Please supply them.
__________________ Please always post log files in CODE tags |
15.04.2013, 18:51 | #5 |
| PC Performer Manager MBAM never found anything on my computer, even after several scans. All MBAM logs are clean, even though the PC Performer Manager file is still present. (See the path in the first post.) After the warning from Spybot Search and Destroy, I only deleted the file pcpmngr.exe. Hence my question in the first post about how I should deal with the remaining PC Performer Manager file. Last edited by Alessandro77 (15.04.2013 at 19:50) |
15.04.2013, 20:22 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer Manager But you wrote this: Quote:
Before we continue with the work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please report in this thread => Reminder about my thread. Annoying "When do we continue" messages will end with your topic being closed. I, too, have a life outside the Trojaner-Board.
Please run the three tools MBAR / aswMBR / TDSSkiller now and post the logs in CODE tags.
MBAR (Malwarebytes Anti-Rootkit)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without instructions.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
__________________ --> PC Performer Manager |
19.04.2013, 19:37 | #7 |
| PC Performer Manager Code:
ATTFilter --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.05.0.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.405000 GHz Memory total: 2146947072, free: 1399939072
\SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\rfcomm.sys \SystemRoot\system32\DRIVERS\BthEnum.sys \SystemRoot\system32\DRIVERS\bthpan.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\nv4_disp.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\DRIVERS\avgntflt.sys \SystemRoot\system32\drivers\dcfs2k.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\system32\DRIVERS\mrxdav.sys \SystemRoot\System32\Drivers\ParVdm.SYS \SystemRoot\system32\DRIVERS\srv.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \SystemRoot\System32\Drivers\HTTP.sys \SystemRoot\system32\drivers\kmixer.sys \??\C:\WINDOWS\system32\drivers\6D286685.sys \WINDOWS\system32\ntdll.dll ----------- End ----------- ------------ Kernel report ------------ 04/19/2013 17:27:32 ------------ Loaded modules ----------- \WINDOWS\system32\ntoskrnl.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll ACPI.sys \WINDOWS\system32\DRIVERS\WMILIB.SYS pci.sys isapnp.sys ohci1394.sys \WINDOWS\system32\DRIVERS\1394BUS.SYS pciide.sys \WINDOWS\system32\DRIVERS\PCIIDEX.SYS MountMgr.sys ftdisk.sys PartMgr.sys VolSnap.sys atapi.sys disk.sys \WINDOWS\system32\DRIVERS\CLASSPNP.SYS fltmgr.sys sr.sys PxHelp20.sys KSecDD.sys Ntfs.sys NDIS.sys sisagp.sys Mup.sys \SystemRoot\system32\DRIVERS\nic1394.sys \SystemRoot\system32\DRIVERS\tunmp.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\nv4_mini.sys \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS \SystemRoot\system32\DRIVERS\imapi.sys \SystemRoot\system32\drivers\pfc.sys \SystemRoot\system32\DRIVERS\cdrom.sys 
\SystemRoot\system32\DRIVERS\redbook.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\drivers\ALCXWDM.SYS \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\DRIVERS\usbohci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\sisnic.sys \SystemRoot\system32\DRIVERS\fdc.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\serenum.sys \SystemRoot\system32\DRIVERS\parport.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\gameenum.sys \SystemRoot\system32\drivers\msmpu401.sys \SystemRoot\system32\DRIVERS\audstub.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\DRIVERS\psched.sys \SystemRoot\system32\DRIVERS\msgpc.sys \SystemRoot\system32\DRIVERS\ptilink.sys \SystemRoot\system32\DRIVERS\raspti.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\update.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\flpydisk.sys \??\C:\WINDOWS\system32\drivers\SSHDRV62.sys \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\system32\DRIVERS\DcCam.sys \SystemRoot\system32\DRIVERS\EXPORTIT.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\rasacd.sys 
\SystemRoot\system32\DRIVERS\ipsec.sys \SystemRoot\system32\DRIVERS\tcpip.sys \SystemRoot\system32\DRIVERS\netbt.sys \SystemRoot\system32\DRIVERS\tcpip6.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\ssmdrv.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\System32\Drivers\Fips.SYS \SystemRoot\system32\DRIVERS\ipnat.sys \SystemRoot\system32\drivers\ip6fw.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\arp1394.sys \SystemRoot\system32\DRIVERS\avkmgr.sys \SystemRoot\system32\DRIVERS\avipbb.sys \SystemRoot\System32\Drivers\BTHUSB.sys \SystemRoot\System32\Drivers\bthport.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\rfcomm.sys \SystemRoot\system32\DRIVERS\BthEnum.sys \SystemRoot\system32\DRIVERS\bthpan.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\nv4_disp.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\DRIVERS\avgntflt.sys \SystemRoot\system32\drivers\dcfs2k.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\system32\DRIVERS\mrxdav.sys \SystemRoot\System32\Drivers\ParVdm.SYS \SystemRoot\system32\DRIVERS\srv.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \SystemRoot\System32\Drivers\HTTP.sys \SystemRoot\system32\drivers\kmixer.sys \??\C:\WINDOWS\system32\drivers\68596DA2.sys \WINDOWS\system32\ntdll.dll ----------- End ----------- --------------------------------------- Malwarebytes Anti-Rootkit BETA 
1.05.0.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 5.1.2600 Windows XP Service Pack 3 x86
Account is Administrative
Internet Explorer version: 8.0.6001.18702
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.405000 GHz
Memory total: 2146947072, free: 1860014080
======================================= |
19.04.2013, 19:42 | #8 |
| PC Performer Manager Code:
19:07:47.0562 3184 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:07:48.0406 3184 ============================================================
19:07:48.0406 3184 Current date / time: 2013/04/19 19:07:48.0406
19:07:48.0406 3184 SystemInfo:
19:07:48.0406 3184
19:07:48.0406 3184 OS Version: 5.1.2600 ServicePack: 3.0
19:07:48.0406 3184 Product type: Workstation
19:07:48.0406 3184 ComputerName: D63E0FC3CE2B498
19:07:48.0421 3184 UserName: xxxxxx
19:07:48.0421 3184 Windows directory: C:\WINDOWS
19:07:48.0421 3184 System windows directory: C:\WINDOWS
19:07:48.0421 3184 Processor architecture: Intel x86
19:07:48.0421 3184 Number of processors: 1
19:07:48.0421 3184 Page size: 0x1000
19:07:48.0421 3184 Boot type: Normal boot
19:07:48.0421 3184 ============================================================
19:07:52.0859 3184 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:07:52.0859 3184 ============================================================
19:07:52.0859 3184 \Device\Harddisk0\DR0:
19:07:52.0859 3184 MBR partitions:
19:07:52.0859 3184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A3AA6E
19:07:52.0875 3184 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4A3AAEC, BlocksNum 0x4ACFB14
19:07:52.0875 3184 ============================================================
19:07:52.0921 3184 C: <-> \Device\Harddisk0\DR0\Partition1
19:07:52.0968 3184 D: <-> \Device\Harddisk0\DR0\Partition2
19:07:52.0984 3184 ============================================================
19:07:52.0984 3184 Initialize success
19:07:52.0984 3184 ============================================================
19:08:29.0796 1772 ============================================================
19:08:29.0796 1772 Scan started
19:08:29.0796 1772 Mode: Manual; SigCheck; TDLFS;
19:08:29.0796 1772
============================================================
19:08:31.0421 1772 ================ Scan system memory ========================
19:08:31.0421 1772 System memory - ok
19:08:31.0437 1772 ================ Scan services =============================
19:09:28.0625 1772 pfc ( UnsignedFile.Multi.Generic ) - warning
19:09:28.0625 1772 pfc - detected UnsignedFile.Multi.Generic (1)
19:09:30.0015 1772 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
19:09:30.0015 1772 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
19:09:31.0812 1772 [
7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:09:32.0078 1772 Rdbss - ok 19:09:32.0093 1772 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 19:09:32.0312 1772 RDPCDD - ok 19:09:32.0437 1772 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 19:09:32.0531 1772 RDPWD - ok 19:09:32.0593 1772 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 19:09:32.0953 1772 RDSessMgr - ok 19:09:33.0000 1772 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 19:09:33.0234 1772 redbook - ok 19:09:33.0265 1772 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:09:33.0531 1772 RemoteAccess - ok 19:09:33.0593 1772 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys 19:09:33.0812 1772 RFCOMM - ok 19:09:33.0875 1772 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 19:09:34.0125 1772 RpcLocator - ok 19:09:34.0281 1772 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:09:34.0406 1772 RpcSs - ok 19:09:34.0484 1772 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 19:09:34.0843 1772 RSVP - ok 19:09:34.0859 1772 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 19:09:35.0046 1772 SamSs - ok 19:09:35.0109 1772 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 19:09:35.0390 1772 SCardSvr - ok 19:09:35.0484 1772 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:09:35.0687 1772 Schedule - ok 19:09:35.0750 1772 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:09:35.0828 1772 Secdrv - ok 19:09:35.0875 1772 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 19:09:36.0093 1772 seclogon - ok 19:09:36.0140 1772 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS 
C:\WINDOWS\system32\sens.dll 19:09:36.0390 1772 SENS - ok 19:09:36.0406 1772 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 19:09:36.0625 1772 serenum - ok 19:09:36.0656 1772 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 19:09:36.0906 1772 Serial - ok 19:09:36.0953 1772 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 19:09:37.0156 1772 Sfloppy - ok 19:09:37.0296 1772 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:09:37.0625 1772 SharedAccess - ok 19:09:37.0687 1772 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:09:37.0718 1772 ShellHWDetection - ok 19:09:37.0718 1772 Simbad - ok 19:09:37.0765 1772 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 19:09:38.0031 1772 sisagp - ok 19:09:38.0078 1772 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys 19:09:38.0296 1772 SISNIC - ok 19:09:38.0312 1772 Sparrow - ok 19:09:38.0343 1772 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 19:09:38.0562 1772 splitter - ok 19:09:38.0609 1772 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 19:09:38.0656 1772 Spooler - ok 19:09:38.0703 1772 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 19:09:38.0843 1772 sr - ok 19:09:38.0921 1772 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 19:09:39.0015 1772 srservice - ok 19:09:39.0156 1772 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:09:39.0390 1772 Srv - ok 19:09:39.0453 1772 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:09:39.0562 1772 SSDPSRV - ok 19:09:39.0640 1772 [ 5FFB52404158ABC5D9FF4081BCD67033 ] SSHDRV62 C:\WINDOWS\system32\drivers\SSHDRV62.sys 19:09:39.0687 1772 SSHDRV62 ( 
UnsignedFile.Multi.Generic ) - warning 19:09:39.0687 1772 SSHDRV62 - detected UnsignedFile.Multi.Generic (1) 19:09:39.0734 1772 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 19:09:39.0750 1772 ssmdrv - ok 19:09:39.0890 1772 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 19:09:40.0234 1772 stisvc - ok 19:09:40.0281 1772 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 19:09:40.0500 1772 swenum - ok 19:09:40.0531 1772 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 19:09:40.0765 1772 swmidi - ok 19:09:40.0781 1772 SwPrv - ok 19:09:40.0796 1772 symc810 - ok 19:09:40.0812 1772 symc8xx - ok 19:09:40.0828 1772 sym_hi - ok 19:09:40.0843 1772 sym_u3 - ok 19:09:40.0906 1772 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 19:09:41.0140 1772 sysaudio - ok 19:09:41.0187 1772 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 19:09:41.0515 1772 SysmonLog - ok 19:09:41.0625 1772 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:09:41.0843 1772 TapiSrv - ok 19:09:42.0000 1772 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:09:42.0156 1772 Tcpip - ok 19:09:42.0265 1772 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys 19:09:42.0312 1772 Tcpip6 - ok 19:09:42.0343 1772 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 19:09:42.0562 1772 TDPIPE - ok 19:09:42.0578 1772 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 19:09:42.0781 1772 TDTCP - ok 19:09:42.0796 1772 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 19:09:43.0046 1772 TermDD - ok 19:09:43.0171 1772 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 19:09:43.0437 1772 TermService - ok 19:09:43.0515 
1772 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 19:09:43.0531 1772 Themes - ok 19:09:43.0546 1772 TosIde - ok 19:09:43.0625 1772 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 19:09:43.0812 1772 TrkWks - ok 19:09:43.0843 1772 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys 19:09:44.0046 1772 tunmp - ok 19:09:44.0093 1772 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 19:09:44.0406 1772 Udfs - ok 19:09:44.0406 1772 ultra - ok 19:09:44.0562 1772 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 19:09:45.0000 1772 Update - ok 19:09:45.0093 1772 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 19:09:45.0203 1772 upnphost - ok 19:09:45.0250 1772 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 19:09:45.0515 1772 UPS - ok 19:09:45.0562 1772 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:09:45.0781 1772 usbehci - ok 19:09:45.0843 1772 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:09:46.0062 1772 usbhub - ok 19:09:46.0078 1772 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 19:09:46.0281 1772 usbohci - ok 19:09:46.0312 1772 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:09:46.0562 1772 USBSTOR - ok 19:09:46.0609 1772 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 19:09:46.0828 1772 VgaSave - ok 19:09:46.0843 1772 ViaIde - ok 19:09:46.0875 1772 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 19:09:47.0125 1772 VolSnap - ok 19:09:47.0203 1772 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 19:09:47.0453 1772 VSS - ok 19:09:47.0531 1772 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 
19:09:47.0718 1772 W32Time - ok 19:09:47.0765 1772 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:09:48.0000 1772 Wanarp - ok 19:09:48.0015 1772 WDICA - ok 19:09:48.0078 1772 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 19:09:48.0296 1772 wdmaud - ok 19:09:48.0406 1772 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:09:48.0640 1772 WebClient - ok 19:09:48.0765 1772 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:09:48.0968 1772 winmgmt - ok 19:09:49.0031 1772 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 19:09:49.0140 1772 WmdmPmSN - ok 19:09:49.0218 1772 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 19:09:49.0437 1772 WmiApSrv - ok 19:09:49.0703 1772 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 19:09:50.0000 1772 WMPNetworkSvc - ok 19:09:50.0062 1772 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 19:09:50.0296 1772 wscsvc - ok 19:09:50.0328 1772 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 19:09:50.0531 1772 wuauserv - ok 19:09:50.0578 1772 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:09:50.0687 1772 WudfPf - ok 19:09:50.0734 1772 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:09:50.0796 1772 WudfRd - ok 19:09:50.0828 1772 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 19:09:50.0906 1772 WudfSvc - ok 19:09:51.0109 1772 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 19:09:51.0546 1772 WZCSVC - ok 19:09:51.0640 1772 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 19:09:51.0921 1772 xmlprov - ok 19:09:51.0968 1772 ================ Scan global =============================== 
19:09:52.0015 1772 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
19:09:52.0125 1772 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
19:09:52.0265 1772 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
19:09:52.0312 1772 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
19:09:52.0312 1772 [Global] - ok
19:09:52.0328 1772 ================ Scan MBR ==================================
19:09:52.0359 1772 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:09:52.0843 1772 \Device\Harddisk0\DR0 - ok
19:09:52.0843 1772 ================ Scan VBR ==================================
19:09:52.0875 1772 [ AD0D9DED0D52821FBB8F3A5B99AEE9F4 ] \Device\Harddisk0\DR0\Partition1
19:09:52.0875 1772 \Device\Harddisk0\DR0\Partition1 - ok
19:09:52.0906 1772 [ 5546AFAB2D47C5BA5F8E4311C325B3D9 ] \Device\Harddisk0\DR0\Partition2
19:09:52.0906 1772 \Device\Harddisk0\DR0\Partition2 - ok
19:09:52.0921 1772 ============================================================
19:09:52.0921 1772 Scan finished
19:09:52.0921 1772 ============================================================
19:09:53.0062 3416 Detected object count: 3
19:09:53.0062 3416 Actual detected object count: 3
19:17:10.0156 3416 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
19:17:10.0156 3416 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:17:10.0171 3416 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
19:17:10.0171 3416 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:17:10.0171 3416 SSHDRV62 ( UnsignedFile.Multi.Generic ) - skipped by user
19:17:10.0171 3416 SSHDRV62 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:17:25.0140 3248 ============================================================
19:17:25.0156 3248 Scan started
19:17:25.0156 3248 Mode: Manual; SigCheck; TDLFS;
19:17:25.0156 3248 ============================================================
19:17:25.0656 3248
] PolicyAgent C:\WINDOWS\system32\lsass.exe 19:17:58.0000 3248 PolicyAgent - ok 19:17:58.0062 3248 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 19:17:58.0250 3248 PptpMiniport - ok 19:17:58.0265 3248 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 19:17:58.0421 3248 ProtectedStorage - ok 19:17:58.0468 3248 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 19:17:58.0625 3248 PSched - ok 19:17:58.0640 3248 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 19:17:58.0812 3248 Ptilink - ok 19:17:58.0843 3248 [ B572ED0C3E6165643FA116AF20425A54 ] PxHelp20 C:\WINDOWS\system32\DRIVERS\PxHelp20.sys 19:17:58.0859 3248 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning 19:17:58.0859 3248 PxHelp20 - detected UnsignedFile.Multi.Generic (1) 19:17:58.0875 3248 ql1080 - ok 19:17:58.0890 3248 Ql10wnt - ok 19:17:58.0906 3248 ql12160 - ok 19:17:58.0921 3248 ql1240 - ok 19:17:58.0937 3248 ql1280 - ok 19:17:58.0968 3248 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:17:59.0125 3248 RasAcd - ok 19:17:59.0187 3248 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 19:17:59.0343 3248 RasAuto - ok 19:17:59.0375 3248 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 19:17:59.0546 3248 Rasl2tp - ok 19:17:59.0625 3248 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 19:17:59.0796 3248 RasMan - ok 19:17:59.0828 3248 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:17:59.0984 3248 RasPppoe - ok 19:18:00.0015 3248 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 19:18:00.0156 3248 Raspti - ok 19:18:00.0250 3248 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:18:00.0406 3248 Rdbss - ok 19:18:00.0421 3248 [ 
4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 19:18:00.0593 3248 RDPCDD - ok 19:18:00.0687 3248 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 19:18:00.0718 3248 RDPWD - ok 19:18:00.0781 3248 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 19:18:00.0937 3248 RDSessMgr - ok 19:18:01.0000 3248 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 19:18:01.0203 3248 redbook - ok 19:18:01.0234 3248 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:18:01.0406 3248 RemoteAccess - ok 19:18:01.0468 3248 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys 19:18:01.0640 3248 RFCOMM - ok 19:18:01.0687 3248 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 19:18:01.0859 3248 RpcLocator - ok 19:18:02.0000 3248 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:18:02.0109 3248 RpcSs - ok 19:18:02.0187 3248 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 19:18:02.0359 3248 RSVP - ok 19:18:02.0375 3248 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 19:18:02.0546 3248 SamSs - ok 19:18:02.0609 3248 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 19:18:02.0750 3248 SCardSvr - ok 19:18:02.0859 3248 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:18:03.0015 3248 Schedule - ok 19:18:03.0078 3248 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:18:03.0156 3248 Secdrv - ok 19:18:03.0187 3248 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 19:18:03.0343 3248 seclogon - ok 19:18:03.0406 3248 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 19:18:03.0578 3248 SENS - ok 19:18:03.0593 3248 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum 
C:\WINDOWS\system32\DRIVERS\serenum.sys 19:18:03.0750 3248 serenum - ok 19:18:03.0796 3248 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 19:18:03.0953 3248 Serial - ok 19:18:04.0015 3248 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 19:18:04.0187 3248 Sfloppy - ok 19:18:04.0328 3248 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:18:04.0562 3248 SharedAccess - ok 19:18:04.0625 3248 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:18:04.0656 3248 ShellHWDetection - ok 19:18:04.0671 3248 Simbad - ok 19:18:04.0718 3248 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 19:18:04.0875 3248 sisagp - ok 19:18:04.0921 3248 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys 19:18:05.0078 3248 SISNIC - ok 19:18:05.0093 3248 Sparrow - ok 19:18:05.0125 3248 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 19:18:05.0281 3248 splitter - ok 19:18:05.0328 3248 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 19:18:05.0343 3248 Spooler - ok 19:18:05.0375 3248 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 19:18:05.0468 3248 sr - ok 19:18:05.0546 3248 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 19:18:05.0625 3248 srservice - ok 19:18:05.0781 3248 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:18:05.0875 3248 Srv - ok 19:18:05.0921 3248 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:18:06.0000 3248 SSDPSRV - ok 19:18:06.0062 3248 [ 5FFB52404158ABC5D9FF4081BCD67033 ] SSHDRV62 C:\WINDOWS\system32\drivers\SSHDRV62.sys 19:18:06.0078 3248 SSHDRV62 ( UnsignedFile.Multi.Generic ) - warning 19:18:06.0078 3248 SSHDRV62 - detected UnsignedFile.Multi.Generic (1) 19:18:06.0156 3248 [ 
A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 19:18:06.0187 3248 ssmdrv - ok 19:18:06.0312 3248 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 19:18:06.0562 3248 stisvc - ok 19:18:06.0593 3248 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 19:18:06.0765 3248 swenum - ok 19:18:06.0812 3248 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 19:18:06.0984 3248 swmidi - ok 19:18:07.0000 3248 SwPrv - ok 19:18:07.0015 3248 symc810 - ok 19:18:07.0031 3248 symc8xx - ok 19:18:07.0046 3248 sym_hi - ok 19:18:07.0062 3248 sym_u3 - ok 19:18:07.0109 3248 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 19:18:07.0296 3248 sysaudio - ok 19:18:07.0343 3248 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 19:18:07.0500 3248 SysmonLog - ok 19:18:07.0609 3248 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:18:07.0781 3248 TapiSrv - ok 19:18:07.0937 3248 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:18:08.0046 3248 Tcpip - ok 19:18:08.0140 3248 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys 19:18:08.0203 3248 Tcpip6 - ok 19:18:08.0234 3248 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 19:18:08.0390 3248 TDPIPE - ok 19:18:08.0406 3248 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 19:18:08.0578 3248 TDTCP - ok 19:18:08.0609 3248 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 19:18:08.0765 3248 TermDD - ok 19:18:08.0906 3248 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 19:18:09.0062 3248 TermService - ok 19:18:09.0125 3248 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 19:18:09.0140 3248 Themes - ok 19:18:09.0156 3248 
TosIde - ok 19:18:09.0218 3248 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 19:18:09.0390 3248 TrkWks - ok 19:18:09.0421 3248 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys 19:18:09.0578 3248 tunmp - ok 19:18:09.0625 3248 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 19:18:09.0781 3248 Udfs - ok 19:18:09.0796 3248 ultra - ok 19:18:09.0953 3248 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 19:18:10.0203 3248 Update - ok 19:18:10.0296 3248 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 19:18:10.0375 3248 upnphost - ok 19:18:10.0421 3248 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 19:18:10.0578 3248 UPS - ok 19:18:10.0625 3248 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:18:10.0765 3248 usbehci - ok 19:18:10.0828 3248 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:18:10.0984 3248 usbhub - ok 19:18:11.0015 3248 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 19:18:11.0203 3248 usbohci - ok 19:18:11.0250 3248 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:18:11.0406 3248 USBSTOR - ok 19:18:11.0437 3248 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 19:18:11.0593 3248 VgaSave - ok 19:18:11.0609 3248 ViaIde - ok 19:18:11.0640 3248 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 19:18:11.0796 3248 VolSnap - ok 19:18:11.0890 3248 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 19:18:11.0968 3248 VSS - ok 19:18:12.0062 3248 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 19:18:12.0234 3248 W32Time - ok 19:18:12.0281 3248 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 
19:18:12.0437 3248 Wanarp - ok 19:18:12.0453 3248 WDICA - ok 19:18:12.0515 3248 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 19:18:12.0671 3248 wdmaud - ok 19:18:12.0718 3248 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:18:12.0859 3248 WebClient - ok 19:18:13.0000 3248 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:18:13.0156 3248 winmgmt - ok 19:18:13.0218 3248 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 19:18:13.0234 3248 WmdmPmSN - ok 19:18:13.0312 3248 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 19:18:13.0468 3248 WmiApSrv - ok 19:18:13.0734 3248 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 19:18:14.0000 3248 WMPNetworkSvc - ok 19:18:14.0062 3248 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 19:18:14.0250 3248 wscsvc - ok 19:18:14.0281 3248 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 19:18:14.0437 3248 wuauserv - ok 19:18:14.0484 3248 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:18:14.0515 3248 WudfPf - ok 19:18:14.0562 3248 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:18:14.0578 3248 WudfRd - ok 19:18:14.0609 3248 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 19:18:14.0625 3248 WudfSvc - ok 19:18:14.0812 3248 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 19:18:15.0046 3248 WZCSVC - ok 19:18:15.0109 3248 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 19:18:15.0296 3248 xmlprov - ok 19:18:15.0328 3248 ================ Scan global =============================== 19:18:15.0390 3248 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 19:18:15.0515 3248 [ 
E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 19:18:15.0625 3248 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 19:18:15.0687 3248 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 19:18:15.0703 3248 [Global] - ok 19:18:15.0703 3248 ================ Scan MBR ================================== 19:18:15.0718 3248 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 19:18:16.0203 3248 \Device\Harddisk0\DR0 - ok 19:18:16.0218 3248 ================ Scan VBR ================================== 19:18:16.0250 3248 [ AD0D9DED0D52821FBB8F3A5B99AEE9F4 ] \Device\Harddisk0\DR0\Partition1 19:18:16.0250 3248 \Device\Harddisk0\DR0\Partition1 - ok 19:18:16.0296 3248 [ 5546AFAB2D47C5BA5F8E4311C325B3D9 ] \Device\Harddisk0\DR0\Partition2 19:18:16.0296 3248 \Device\Harddisk0\DR0\Partition2 - ok 19:18:16.0296 3248 ============================================================ 19:18:16.0296 3248 Scan finished 19:18:16.0296 3248 ============================================================ 19:18:16.0328 3836 Detected object count: 3 19:18:16.0328 3836 Actual detected object count: 3 19:18:27.0671 3836 pfc ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:27.0671 3836 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:18:27.0687 3836 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:27.0687 3836 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:18:27.0687 3836 SSHDRV62 ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:27.0687 3836 SSHDRV62 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:20:27.0218 3284 ============================================================ 19:20:27.0218 3284 Scan started 19:20:27.0218 3284 Mode: Manual; SigCheck; TDLFS; 19:20:27.0218 3284 ============================================================ 19:20:27.0968 3284 ================ Scan system memory ======================== 19:20:27.0968 3284 System memory - ok 19:20:27.0984 3284 
nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 19:20:57.0078 3284 nv - ok 19:20:57.0125 3284 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 19:20:57.0281 3284 NwlnkFlt - ok 19:20:57.0328 3284 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 19:20:57.0484 3284 NwlnkFwd - ok 19:20:57.0531 3284 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 19:20:57.0703 3284 ohci1394 - ok 19:20:57.0750 3284 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 19:20:57.0906 3284 Parport - ok 19:20:57.0937 3284 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 19:20:58.0093 3284 PartMgr - ok 19:20:58.0140 3284 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 19:20:58.0296 3284 ParVdm - ok 19:20:58.0343 3284 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 19:20:58.0500 3284 PCI - ok 19:20:58.0500 3284 PCIDump - ok 19:20:58.0593 3284 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 19:20:58.0781 3284 PCIIde - ok 19:20:58.0828 3284 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 19:20:58.0984 3284 Pcmcia - ok 19:20:59.0000 3284 PDCOMP - ok 19:20:59.0015 3284 PDFRAME - ok 19:20:59.0031 3284 PDRELI - ok 19:20:59.0046 3284 PDRFRAME - ok 19:20:59.0062 3284 perc2 - ok 19:20:59.0078 3284 perc2hib - ok 19:20:59.0156 3284 [ C4AA89518E8A2934EAF503C9587FF157 ] pfc C:\WINDOWS\system32\drivers\pfc.sys 19:20:59.0156 3284 pfc ( UnsignedFile.Multi.Generic ) - warning 19:20:59.0156 3284 pfc - detected UnsignedFile.Multi.Generic (1) 19:20:59.0218 3284 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 19:20:59.0281 3284 PlugPlay - ok 19:20:59.0296 3284 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 19:20:59.0453 3284 PolicyAgent - ok 
19:20:59.0515 3284 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 19:20:59.0687 3284 PptpMiniport - ok 19:20:59.0718 3284 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 19:20:59.0859 3284 ProtectedStorage - ok 19:20:59.0921 3284 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 19:21:00.0062 3284 PSched - ok 19:21:00.0093 3284 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 19:21:00.0250 3284 Ptilink - ok 19:21:00.0296 3284 [ B572ED0C3E6165643FA116AF20425A54 ] PxHelp20 C:\WINDOWS\system32\DRIVERS\PxHelp20.sys 19:21:00.0296 3284 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning 19:21:00.0296 3284 PxHelp20 - detected UnsignedFile.Multi.Generic (1) 19:21:00.0312 3284 ql1080 - ok 19:21:00.0328 3284 Ql10wnt - ok 19:21:00.0343 3284 ql12160 - ok 19:21:00.0359 3284 ql1240 - ok 19:21:00.0375 3284 ql1280 - ok 19:21:00.0406 3284 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:21:00.0562 3284 RasAcd - ok 19:21:00.0609 3284 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 19:21:00.0765 3284 RasAuto - ok 19:21:00.0812 3284 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 19:21:00.0953 3284 Rasl2tp - ok 19:21:01.0062 3284 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 19:21:01.0218 3284 RasMan - ok 19:21:01.0250 3284 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:21:01.0406 3284 RasPppoe - ok 19:21:01.0437 3284 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 19:21:01.0593 3284 Raspti - ok 19:21:01.0656 3284 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:21:01.0828 3284 Rdbss - ok 19:21:01.0843 3284 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 
19:21:02.0000 3284 RDPCDD - ok 19:21:02.0093 3284 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 19:21:02.0109 3284 RDPWD - ok 19:21:02.0171 3284 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 19:21:02.0343 3284 RDSessMgr - ok 19:21:02.0390 3284 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 19:21:02.0578 3284 redbook - ok 19:21:02.0625 3284 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:21:02.0781 3284 RemoteAccess - ok 19:21:02.0828 3284 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys 19:21:02.0984 3284 RFCOMM - ok 19:21:03.0031 3284 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 19:21:03.0187 3284 RpcLocator - ok 19:21:03.0343 3284 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:21:03.0453 3284 RpcSs - ok 19:21:03.0531 3284 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 19:21:03.0703 3284 RSVP - ok 19:21:03.0765 3284 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 19:21:03.0921 3284 SamSs - ok 19:21:03.0968 3284 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 19:21:04.0125 3284 SCardSvr - ok 19:21:04.0218 3284 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:21:04.0390 3284 Schedule - ok 19:21:04.0437 3284 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:21:04.0515 3284 Secdrv - ok 19:21:04.0578 3284 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 19:21:04.0734 3284 seclogon - ok 19:21:04.0781 3284 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 19:21:04.0921 3284 SENS - ok 19:21:04.0937 3284 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 19:21:05.0093 3284 serenum - ok 19:21:05.0140 3284 [ 
CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 19:21:05.0296 3284 Serial - ok 19:21:05.0359 3284 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 19:21:05.0515 3284 Sfloppy - ok 19:21:05.0671 3284 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:21:05.0906 3284 SharedAccess - ok 19:21:05.0968 3284 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:21:06.0000 3284 ShellHWDetection - ok 19:21:06.0015 3284 Simbad - ok 19:21:06.0062 3284 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 19:21:06.0218 3284 sisagp - ok 19:21:06.0265 3284 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys 19:21:06.0421 3284 SISNIC - ok 19:21:06.0437 3284 Sparrow - ok 19:21:06.0468 3284 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 19:21:06.0625 3284 splitter - ok 19:21:06.0687 3284 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 19:21:06.0703 3284 Spooler - ok 19:21:06.0750 3284 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 19:21:06.0828 3284 sr - ok 19:21:06.0921 3284 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 19:21:07.0000 3284 srservice - ok 19:21:07.0140 3284 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:21:07.0250 3284 Srv - ok 19:21:07.0312 3284 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:21:07.0390 3284 SSDPSRV - ok 19:21:07.0453 3284 [ 5FFB52404158ABC5D9FF4081BCD67033 ] SSHDRV62 C:\WINDOWS\system32\drivers\SSHDRV62.sys 19:21:07.0468 3284 SSHDRV62 ( UnsignedFile.Multi.Generic ) - warning 19:21:07.0468 3284 SSHDRV62 - detected UnsignedFile.Multi.Generic (1) 19:21:07.0515 3284 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 19:21:07.0531 3284 
ssmdrv - ok 19:21:07.0687 3284 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 19:21:07.0921 3284 stisvc - ok 19:21:07.0968 3284 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 19:21:08.0125 3284 swenum - ok 19:21:08.0156 3284 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 19:21:08.0312 3284 swmidi - ok 19:21:08.0328 3284 SwPrv - ok 19:21:08.0343 3284 symc810 - ok 19:21:08.0359 3284 symc8xx - ok 19:21:08.0375 3284 sym_hi - ok 19:21:08.0390 3284 sym_u3 - ok 19:21:08.0453 3284 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 19:21:08.0625 3284 sysaudio - ok 19:21:08.0671 3284 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 19:21:08.0859 3284 SysmonLog - ok 19:21:08.0953 3284 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:21:09.0125 3284 TapiSrv - ok 19:21:09.0265 3284 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:21:09.0406 3284 Tcpip - ok 19:21:09.0515 3284 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys 19:21:09.0562 3284 Tcpip6 - ok 19:21:09.0593 3284 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 19:21:09.0765 3284 TDPIPE - ok 19:21:09.0781 3284 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 19:21:09.0937 3284 TDTCP - ok 19:21:09.0984 3284 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 19:21:10.0140 3284 TermDD - ok 19:21:10.0265 3284 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 19:21:10.0437 3284 TermService - ok 19:21:10.0500 3284 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 19:21:10.0531 3284 Themes - ok 19:21:10.0546 3284 TosIde - ok 19:21:10.0625 3284 [ 626504572B175867F30F3215C04B3E2F ] TrkWks 
C:\WINDOWS\system32\trkwks.dll 19:21:10.0765 3284 TrkWks - ok 19:21:10.0812 3284 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys 19:21:10.0984 3284 tunmp - ok 19:21:11.0031 3284 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 19:21:11.0187 3284 Udfs - ok 19:21:11.0203 3284 ultra - ok 19:21:11.0359 3284 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 19:21:11.0625 3284 Update - ok 19:21:11.0718 3284 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 19:21:11.0796 3284 upnphost - ok 19:21:11.0843 3284 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 19:21:12.0015 3284 UPS - ok 19:21:12.0062 3284 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:21:12.0218 3284 usbehci - ok 19:21:12.0281 3284 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:21:12.0437 3284 usbhub - ok 19:21:12.0453 3284 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 19:21:12.0609 3284 usbohci - ok 19:21:12.0640 3284 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:21:12.0781 3284 USBSTOR - ok 19:21:12.0843 3284 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 19:21:13.0000 3284 VgaSave - ok 19:21:13.0015 3284 ViaIde - ok 19:21:13.0046 3284 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 19:21:13.0203 3284 VolSnap - ok 19:21:13.0296 3284 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 19:21:13.0390 3284 VSS - ok 19:21:13.0484 3284 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 19:21:13.0656 3284 W32Time - ok 19:21:13.0718 3284 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:21:13.0906 3284 Wanarp - ok 19:21:13.0906 3284 WDICA - ok 19:21:13.0984 3284 [ 
6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 19:21:14.0125 3284 wdmaud - ok 19:21:14.0171 3284 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:21:14.0328 3284 WebClient - ok 19:21:14.0453 3284 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:21:14.0640 3284 winmgmt - ok 19:21:14.0687 3284 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 19:21:14.0703 3284 WmdmPmSN - ok 19:21:14.0781 3284 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 19:21:14.0937 3284 WmiApSrv - ok 19:21:15.0187 3284 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 19:21:15.0468 3284 WMPNetworkSvc - ok 19:21:15.0531 3284 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 19:21:15.0687 3284 wscsvc - ok 19:21:15.0734 3284 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 19:21:15.0890 3284 wuauserv - ok 19:21:15.0937 3284 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:21:15.0968 3284 WudfPf - ok 19:21:16.0015 3284 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:21:16.0046 3284 WudfRd - ok 19:21:16.0062 3284 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 19:21:16.0093 3284 WudfSvc - ok 19:21:16.0281 3284 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 19:21:16.0531 3284 WZCSVC - ok 19:21:16.0609 3284 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 19:21:16.0765 3284 xmlprov - ok 19:21:16.0828 3284 ================ Scan global =============================== 19:21:16.0875 3284 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 19:21:17.0000 3284 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 19:21:17.0125 3284 [ 
19:21:17.0171 3284 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
19:21:17.0187 3284 [Global] - ok
19:21:17.0187 3284 ================ Scan MBR ==================================
19:21:17.0218 3284 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:21:17.0703 3284 \Device\Harddisk0\DR0 - ok
19:21:17.0703 3284 ================ Scan VBR ==================================
19:21:17.0734 3284 [ AD0D9DED0D52821FBB8F3A5B99AEE9F4 ] \Device\Harddisk0\DR0\Partition1
19:21:17.0734 3284 \Device\Harddisk0\DR0\Partition1 - ok
19:21:17.0765 3284 [ 5546AFAB2D47C5BA5F8E4311C325B3D9 ] \Device\Harddisk0\DR0\Partition2
19:21:17.0765 3284 \Device\Harddisk0\DR0\Partition2 - ok
19:21:17.0781 3284 ============================================================
19:21:17.0781 3284 Scan finished
19:21:17.0781 3284 ============================================================
19:21:17.0796 3408 Detected object count: 3
19:21:17.0796 3408 Actual detected object count: 3
19:21:39.0203 3408 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:39.0203 3408 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:39.0218 3408 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:39.0218 3408 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:39.0218 3408 SSHDRV62 ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:39.0218 3408 SSHDRV62 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:52.0656 2872 Deinitialize success
I am having great difficulty downloading aswMBR (no matter from which website), because the download always ends with the message "Das Zeitlimit für den Download wurde erreicht" ("The download time limit was reached"). |
20.04.2013, 16:07 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer Manager Please try aswMBR again. You posted the wrong log from MBAR.
__________________ Please always post log files in CODE tags |
20.04.2013, 19:12 | #10 |
| PC Performer Manager A short summary of events: The Anwendungsdaten folder that contains the PC Performer Manager no longer exists. MBAR does not create a log folder as described in the instructions, hence the wrong post. Updating to the latest version is not possible. As already described, I cannot download aswMBR. While downloading the antivirus programs I picked up a few things (among others Delta Search ???). See the current log from MBAM. Download managers of some kind keep opening in the background. Spybot Search and Destroy is running right now and finds:
11 entries Sweet IM (AdwareC),
5 entries Babylon Toolbar (Adware),
1 entry Fraud.Foxit.daws. TrojansC-03
1 entry Right Media (Browser)
1 entry Smoto.BetterInstaller TrojansC-05
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.04.20.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
xxxxxx :: D63E0FC3CE2B498 [Administrator]
20.04.2013 13:29:47
MBAM-log-2013-04-20 (16-53-35).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 250411
Laufzeit: 3 Stunde(n), 19 Minute(n), 57 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 6
C:\Dokumente und Einstellungen\xxxxxx\Lokale Einstellungen\Temp\pricepeep_130001_1001.exe (Adware.Shopper) -> Keine Aktion durchgeführt.
C:\System Volume Information\_restore{01088E30-F386-4706-8EE0-6146068E81DD}\RP186\A0045121.exe (Adware.Shopper) -> Keine Aktion durchgeführt.
D:\Driver\USB 2.0\VIA\USB20_VIA_Package.zip (Spyware.Zbot) -> Keine Aktion durchgeführt.
D:\Driver\USB 2.0\VIA\_ISDel.exe (Spyware.Zbot) -> Keine Aktion durchgeführt.
D:\Tools\Power Cinema\MShow\_ISDel.exe (Spyware.Zbot) -> Keine Aktion durchgeführt.
D:\Tools\Power Cinema\VLM\_ISDel.exe (Spyware.Zbot) -> Keine Aktion durchgeführt.
(Ende) |
20.04.2013, 19:18 | #11 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer Manager Quote:
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.
__________________ Please always post log files in CODE tags |
20.04.2013, 19:28 | #12 |
| PC Performer Manager I am sorry, but in the created folder (mbar) there is no log file ( mbar-log-<year-month-day>.txt ), only a System-Log text document. Last edited by Alessandro77 (20.04.2013 at 19:34) |
20.04.2013, 20:54 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer Manager Sorry, but that is nonsense. MBAR always puts its log file there. Please look more carefully. If necessary, read the instructions again carefully and follow them exactly.
__________________ Please always post log files in CODE tags |
27.04.2013, 18:14 | #14 |
| PC Performer Manager I have reinstalled aswMBR, MBAR (Malwarebytes Anti-Rootkit), TDSS-Killer and MBAM once more and run the scans. The current logs are posted. aswMBR Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-27 18:19:11
-----------------------------
18:19:11.843 OS Version: Windows 5.1.2600 Service Pack 3
18:19:11.843 Number of processors: 1 586 0x207
18:19:11.843 ComputerName: D63E0FC3CE2B498 UserName: xxxxxxx
18:19:13.421 Initialize success
18:25:48.375 AVAST engine defs: 13042700
18:29:53.875 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:29:53.875 Disk 0 Vendor: ST380022A 3.30 Size: 76319MB BusType: 3
18:29:54.031 Disk 0 MBR read successfully
18:29:54.031 Disk 0 MBR scan
18:29:54.109 Disk 0 Windows XP default MBR code
18:29:54.125 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38005 MB offset 63
18:29:54.125 Disk 0 Partition - 00 0F Extended LBA 38303 MB offset 77834925
18:29:55.187 Disk 0 scanning sectors +156280320
18:29:55.421 Disk 0 scanning C:\WINDOWS\system32\drivers
18:30:22.640 Service scanning
18:31:04.546 Modules scanning
18:31:29.437 Disk 0 trace - called modules:
18:31:29.453 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
18:31:29.453 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89bcaab8]
18:31:29.453 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\0000005a[0x89b6ae98]
18:31:29.453 5 ACPI.sys[f75ad620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89bbf940]
18:31:30.328 AVAST engine scan C:\WINDOWS
18:31:36.328 AVAST engine scan C:\WINDOWS\system32
18:37:43.515 AVAST engine scan C:\WINDOWS\system32\drivers
18:38:16.171 AVAST engine scan C:\Dokumente und Einstellungen\xxxxxx
18:46:07.281 AVAST engine scan C:\Dokumente und Einstellungen\All Users
18:47:04.859 Scan finished successfully
18:49:24.781 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\xxxxxx\Eigene Dateien\Downloads\Sonstiges\MBR.dat"
18:49:24.781 The log file has been saved successfully to "C:\Dokumente und Einstellungen\xxxxxx\Eigene Dateien\Downloads\Sonstiges\aswMBR.txt"
Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.04.26.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
xxxxxx :: D63E0FC3CE2B498 [administrator]
26.04.2013 19:49:09
mbar-log-2013-04-26 (19-49-09).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 25247
Time elapsed: 36 minute(s), 12 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)
Code:
19:53:34.0281 1432 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:53:34.0781 1432 ============================================================
19:53:34.0781 1432 Current date / time: 2013/04/26 19:53:34.0781
19:53:34.0781 1432 SystemInfo:
19:53:34.0781 1432
19:53:34.0781 1432 OS Version: 5.1.2600 ServicePack: 3.0
19:53:34.0781 1432 Product type: Workstation
19:53:34.0781 1432 ComputerName: D63E0FC3CE2B498
19:53:34.0781 1432 UserName: xxxxxx
19:53:34.0781 1432 Windows directory: C:\WINDOWS
19:53:34.0781 1432 System windows directory: C:\WINDOWS
19:53:34.0781 1432 Processor architecture: Intel x86
19:53:34.0781 1432 Number of processors: 1
19:53:34.0781 1432 Page size: 0x1000
19:53:34.0781 1432 Boot type: Normal boot
19:53:34.0781 1432 ============================================================
19:53:36.0578 1432 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:53:36.0578 1432 ============================================================
19:53:36.0578 1432 \Device\Harddisk0\DR0:
19:53:36.0578 1432 MBR partitions:
19:53:36.0578 1432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A3AA6E
19:53:36.0593 1432 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4A3AAEC, BlocksNum 0x4ACFB14
19:53:36.0593 1432 ============================================================
19:53:36.0625 1432 C: <-> \Device\Harddisk0\DR0\Partition1
19:53:36.0687 1432 D: <-> \Device\Harddisk0\DR0\Partition2
19:53:36.0687 1432 ============================================================
19:53:36.0687 1432 Initialize success
19:53:36.0687 1432 ============================================================
19:53:42.0703 3420 ============================================================
19:53:42.0703 3420 Scan started
19:53:42.0703 3420 Mode: Manual; SigCheck; TDLFS;
676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 19:54:03.0171 3420 Dot3svc - ok 19:54:03.0187 3420 dpti2o - ok 19:54:03.0218 3420 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 19:54:03.0484 3420 drmkaud - ok 19:54:03.0531 3420 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 19:54:03.0734 3420 EapHost - ok 19:54:03.0765 3420 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 19:54:03.0968 3420 ERSvc - ok 19:54:04.0046 3420 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 19:54:04.0109 3420 Eventlog - ok 19:54:04.0218 3420 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 19:54:04.0390 3420 EventSystem - ok 19:54:04.0468 3420 [ 20FF28FB3B268E7C76B10841A9F81BA4 ] Exportit C:\WINDOWS\system32\DRIVERS\exportit.sys 19:54:04.0531 3420 Exportit - ok 19:54:04.0593 3420 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 19:54:04.0781 3420 Fastfat - ok 19:54:04.0843 3420 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 19:54:04.0968 3420 FastUserSwitchingCompatibility - ok 19:54:05.0015 3420 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 19:54:05.0203 3420 Fdc - ok 19:54:05.0234 3420 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 19:54:05.0453 3420 Fips - ok 19:54:05.0484 3420 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 19:54:05.0656 3420 Flpydisk - ok 19:54:05.0734 3420 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 19:54:05.0937 3420 FltMgr - ok 19:54:06.0031 3420 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 19:54:06.0046 3420 FontCache3.0.0.0 - ok 19:54:06.0062 3420 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] 
Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 19:54:06.0265 3420 Fs_Rec - ok 19:54:06.0328 3420 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 19:54:06.0562 3420 Ftdisk - ok 19:54:06.0593 3420 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys 19:54:06.0765 3420 gameenum - ok 19:54:06.0812 3420 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 19:54:07.0015 3420 Gpc - ok 19:54:07.0156 3420 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 19:54:07.0218 3420 gupdate - ok 19:54:07.0265 3420 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 19:54:07.0296 3420 gupdatem - ok 19:54:07.0375 3420 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 19:54:07.0578 3420 helpsvc - ok 19:54:07.0593 3420 HidServ - ok 19:54:07.0640 3420 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 19:54:07.0843 3420 HidUsb - ok 19:54:07.0890 3420 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 19:54:08.0093 3420 hkmsvc - ok 19:54:08.0109 3420 hpn - ok 19:54:08.0234 3420 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 19:54:08.0343 3420 HTTP - ok 19:54:08.0390 3420 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 19:54:08.0609 3420 HTTPFilter - ok 19:54:08.0625 3420 i2omgmt - ok 19:54:08.0640 3420 i2omp - ok 19:54:08.0703 3420 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 19:54:08.0921 3420 i8042prt - ok 19:54:09.0265 3420 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 19:54:09.0531 3420 idsvc - ok 19:54:09.0578 3420 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 19:54:09.0765 3420 Imapi - ok 19:54:09.0843 
3420 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 19:54:10.0046 3420 ImapiService - ok 19:54:10.0062 3420 ini910u - ok 19:54:10.0093 3420 IntelIde - ok 19:54:10.0140 3420 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 19:54:10.0359 3420 intelppm - ok 19:54:10.0406 3420 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 19:54:10.0609 3420 Ip6Fw - ok 19:54:10.0656 3420 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 19:54:10.0875 3420 IpFilterDriver - ok 19:54:10.0921 3420 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 19:54:11.0109 3420 IpInIp - ok 19:54:11.0187 3420 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 19:54:11.0406 3420 IpNat - ok 19:54:11.0453 3420 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 19:54:11.0671 3420 IPSec - ok 19:54:11.0687 3420 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 19:54:11.0796 3420 IRENUM - ok 19:54:11.0859 3420 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 19:54:12.0046 3420 isapnp - ok 19:54:12.0203 3420 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 19:54:12.0265 3420 JavaQuickStarterService - ok 19:54:12.0296 3420 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 19:54:12.0531 3420 Kbdclass - ok 19:54:12.0609 3420 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 19:54:12.0828 3420 kmixer - ok 19:54:12.0953 3420 [ 4E1060D2F3B745931CF83B3649BE8A57 ] KodakCCS C:\WINDOWS\system32\drivers\KodakCCS.exe 19:54:13.0015 3420 KodakCCS - ok 19:54:13.0078 3420 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 19:54:13.0156 3420 KSecDD - ok 19:54:13.0218 3420 [ 
2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 19:54:13.0328 3420 lanmanserver - ok 19:54:13.0453 3420 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 19:54:13.0578 3420 lanmanworkstation - ok 19:54:13.0593 3420 lbrtfdc - ok 19:54:13.0656 3420 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 19:54:13.0859 3420 LmHosts - ok 19:54:13.0921 3420 [ 4A5FFDF0FE830C448830BD4B02B02B4B ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys 19:54:13.0937 3420 mbamchameleon - ok 19:54:13.0984 3420 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 19:54:14.0203 3420 Messenger - ok 19:54:14.0234 3420 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 19:54:14.0437 3420 mnmdd - ok 19:54:14.0484 3420 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 19:54:14.0671 3420 mnmsrvc - ok 19:54:14.0703 3420 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 19:54:14.0906 3420 Modem - ok 19:54:14.0953 3420 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 19:54:15.0171 3420 Mouclass - ok 19:54:15.0187 3420 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 19:54:15.0406 3420 mouhid - ok 19:54:15.0453 3420 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 19:54:15.0671 3420 MountMgr - ok 19:54:15.0671 3420 mraid35x - ok 19:54:15.0765 3420 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 19:54:15.0984 3420 MRxDAV - ok 19:54:16.0171 3420 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 19:54:16.0328 3420 MRxSmb - ok 19:54:16.0375 3420 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 19:54:16.0593 3420 MSDTC - ok 19:54:16.0625 3420 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs 
C:\WINDOWS\system32\drivers\Msfs.sys 19:54:16.0859 3420 Msfs - ok 19:54:16.0859 3420 MSIServer - ok 19:54:16.0890 3420 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 19:54:17.0093 3420 MSKSSRV - ok 19:54:17.0125 3420 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 19:54:17.0343 3420 MSPCLOCK - ok 19:54:17.0390 3420 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 19:54:17.0593 3420 MSPQM - ok 19:54:17.0625 3420 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 19:54:17.0812 3420 mssmbios - ok 19:54:17.0843 3420 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys 19:54:18.0062 3420 ms_mpu401 - ok 19:54:18.0140 3420 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 19:54:18.0203 3420 Mup - ok 19:54:18.0296 3420 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 19:54:18.0609 3420 napagent - ok 19:54:18.0671 3420 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 19:54:18.0906 3420 NDIS - ok 19:54:18.0937 3420 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 19:54:19.0015 3420 NdisTapi - ok 19:54:19.0046 3420 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 19:54:19.0234 3420 Ndisuio - ok 19:54:19.0296 3420 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 19:54:19.0546 3420 NdisWan - ok 19:54:19.0593 3420 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 19:54:19.0703 3420 NDProxy - ok 19:54:19.0734 3420 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 19:54:19.0953 3420 NetBIOS - ok 19:54:20.0031 3420 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 19:54:20.0203 3420 NetBT - ok 19:54:20.0265 3420 
[ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 19:54:20.0515 3420 NetDDE - ok 19:54:20.0562 3420 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 19:54:20.0750 3420 NetDDEdsdm - ok 19:54:20.0781 3420 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 19:54:20.0984 3420 Netlogon - ok 19:54:21.0093 3420 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 19:54:21.0359 3420 Netman - ok 19:54:21.0453 3420 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:54:21.0468 3420 NetTcpPortSharing - ok 19:54:21.0531 3420 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 19:54:21.0750 3420 NIC1394 - ok 19:54:21.0859 3420 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 19:54:22.0000 3420 Nla - ok 19:54:22.0031 3420 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 19:54:22.0250 3420 Npfs - ok 19:54:22.0437 3420 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 19:54:22.0718 3420 Ntfs - ok 19:54:22.0750 3420 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 19:54:22.0921 3420 NtLmSsp - ok 19:54:23.0062 3420 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 19:54:23.0531 3420 NtmsSvc - ok 19:54:23.0546 3420 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 19:54:23.0734 3420 Null - ok 19:54:24.0375 3420 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 19:54:25.0093 3420 nv - ok 19:54:25.0140 3420 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 19:54:25.0343 3420 NwlnkFlt - ok 19:54:25.0406 3420 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 19:54:25.0593 3420 NwlnkFwd - ok 
19:54:25.0640 3420 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 19:54:25.0843 3420 ohci1394 - ok 19:54:25.0890 3420 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 19:54:26.0109 3420 Parport - ok 19:54:26.0156 3420 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 19:54:26.0359 3420 PartMgr - ok 19:54:26.0468 3420 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 19:54:26.0671 3420 ParVdm - ok 19:54:26.0718 3420 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 19:54:26.0921 3420 PCI - ok 19:54:26.0937 3420 PCIDump - ok 19:54:26.0984 3420 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 19:54:27.0156 3420 PCIIde - ok 19:54:27.0218 3420 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 19:54:27.0453 3420 Pcmcia - ok 19:54:27.0468 3420 PDCOMP - ok 19:54:27.0484 3420 PDFRAME - ok 19:54:27.0500 3420 PDRELI - ok 19:54:27.0515 3420 PDRFRAME - ok 19:54:27.0531 3420 perc2 - ok 19:54:27.0546 3420 perc2hib - ok 19:54:27.0609 3420 [ C4AA89518E8A2934EAF503C9587FF157 ] pfc C:\WINDOWS\system32\drivers\pfc.sys 19:54:27.0640 3420 pfc ( UnsignedFile.Multi.Generic ) - warning 19:54:27.0640 3420 pfc - detected UnsignedFile.Multi.Generic (1) 19:54:27.0703 3420 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 19:54:27.0734 3420 PlugPlay - ok 19:54:27.0750 3420 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 19:54:27.0921 3420 PolicyAgent - ok 19:54:27.0984 3420 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 19:54:28.0203 3420 PptpMiniport - ok 19:54:28.0234 3420 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 19:54:28.0500 3420 ProtectedStorage - ok 19:54:28.0593 3420 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched 
C:\WINDOWS\system32\DRIVERS\psched.sys 19:54:28.0828 3420 PSched - ok 19:54:28.0859 3420 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 19:54:29.0062 3420 Ptilink - ok 19:54:29.0109 3420 [ B572ED0C3E6165643FA116AF20425A54 ] PxHelp20 C:\WINDOWS\system32\DRIVERS\PxHelp20.sys 19:54:29.0140 3420 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning 19:54:29.0140 3420 PxHelp20 - detected UnsignedFile.Multi.Generic (1) 19:54:29.0156 3420 ql1080 - ok 19:54:29.0171 3420 Ql10wnt - ok 19:54:29.0171 3420 ql12160 - ok 19:54:29.0187 3420 ql1240 - ok 19:54:29.0203 3420 ql1280 - ok 19:54:29.0265 3420 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:54:29.0484 3420 RasAcd - ok 19:54:29.0531 3420 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 19:54:29.0750 3420 RasAuto - ok 19:54:29.0796 3420 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 19:54:30.0015 3420 Rasl2tp - ok 19:54:30.0109 3420 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 19:54:30.0375 3420 RasMan - ok 19:54:30.0421 3420 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:54:30.0640 3420 RasPppoe - ok 19:54:30.0671 3420 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 19:54:30.0859 3420 Raspti - ok 19:54:30.0937 3420 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:54:31.0156 3420 Rdbss - ok 19:54:31.0187 3420 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 19:54:31.0390 3420 RDPCDD - ok 19:54:31.0484 3420 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 19:54:31.0578 3420 RDPWD - ok 19:54:31.0640 3420 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 19:54:31.0843 3420 RDSessMgr - ok 19:54:31.0906 3420 [ ED761D453856F795A7FE056E42C36365 ] redbook 
C:\WINDOWS\system32\DRIVERS\redbook.sys 19:54:32.0125 3420 redbook - ok 19:54:32.0156 3420 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:54:32.0375 3420 RemoteAccess - ok 19:54:32.0421 3420 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys 19:54:32.0640 3420 RFCOMM - ok 19:54:32.0703 3420 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 19:54:32.0921 3420 RpcLocator - ok 19:54:33.0062 3420 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:54:33.0171 3420 RpcSs - ok 19:54:33.0250 3420 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 19:54:33.0562 3420 RSVP - ok 19:54:33.0578 3420 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 19:54:33.0781 3420 SamSs - ok 19:54:33.0828 3420 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 19:54:34.0062 3420 SCardSvr - ok 19:54:34.0156 3420 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:54:34.0468 3420 Schedule - ok 19:54:34.0515 3420 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:54:34.0593 3420 Secdrv - ok 19:54:34.0640 3420 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 19:54:34.0843 3420 seclogon - ok 19:54:34.0890 3420 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 19:54:35.0109 3420 SENS - ok 19:54:35.0140 3420 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 19:54:35.0343 3420 serenum - ok 19:54:35.0406 3420 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 19:54:35.0625 3420 Serial - ok 19:54:35.0703 3420 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 19:54:35.0906 3420 Sfloppy - ok 19:54:36.0046 3420 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 
19:54:36.0359 3420 SharedAccess - ok 19:54:36.0468 3420 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:54:36.0484 3420 ShellHWDetection - ok 19:54:36.0500 3420 Simbad - ok 19:54:36.0546 3420 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 19:54:36.0765 3420 sisagp - ok 19:54:36.0812 3420 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys 19:54:37.0015 3420 SISNIC - ok 19:54:37.0031 3420 Sparrow - ok 19:54:37.0062 3420 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 19:54:37.0265 3420 splitter - ok 19:54:37.0328 3420 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 19:54:37.0375 3420 Spooler - ok 19:54:37.0437 3420 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 19:54:37.0531 3420 sr - ok 19:54:37.0625 3420 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 19:54:37.0765 3420 srservice - ok 19:54:37.0906 3420 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:54:38.0062 3420 Srv - ok 19:54:38.0125 3420 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:54:38.0265 3420 SSDPSRV - ok 19:54:38.0328 3420 [ 5FFB52404158ABC5D9FF4081BCD67033 ] SSHDRV62 C:\WINDOWS\system32\drivers\SSHDRV62.sys 19:54:38.0375 3420 SSHDRV62 ( UnsignedFile.Multi.Generic ) - warning 19:54:38.0375 3420 SSHDRV62 - detected UnsignedFile.Multi.Generic (1) 19:54:38.0406 3420 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 19:54:38.0468 3420 ssmdrv - ok 19:54:38.0609 3420 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 19:54:39.0015 3420 stisvc - ok 19:54:39.0062 3420 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 19:54:39.0265 3420 swenum - ok 19:54:39.0312 3420 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi 
C:\WINDOWS\system32\drivers\swmidi.sys 19:54:39.0562 3420 swmidi - ok 19:54:39.0578 3420 SwPrv - ok 19:54:39.0593 3420 symc810 - ok 19:54:39.0609 3420 symc8xx - ok 19:54:39.0625 3420 sym_hi - ok 19:54:39.0640 3420 sym_u3 - ok 19:54:39.0703 3420 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 19:54:39.0906 3420 sysaudio - ok 19:54:39.0984 3420 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 19:54:40.0203 3420 SysmonLog - ok 19:54:40.0328 3420 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:54:40.0640 3420 TapiSrv - ok 19:54:40.0796 3420 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:54:40.0937 3420 Tcpip - ok 19:54:41.0046 3420 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys 19:54:41.0109 3420 Tcpip6 - ok 19:54:41.0140 3420 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 19:54:41.0343 3420 TDPIPE - ok 19:54:41.0359 3420 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 19:54:41.0546 3420 TDTCP - ok 19:54:41.0593 3420 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 19:54:41.0812 3420 TermDD - ok 19:54:41.0921 3420 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 19:54:42.0156 3420 TermService - ok 19:54:42.0218 3420 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 19:54:42.0250 3420 Themes - ok 19:54:42.0265 3420 TosIde - ok 19:54:42.0328 3420 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 19:54:42.0546 3420 TrkWks - ok 19:54:42.0593 3420 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys 19:54:42.0828 3420 tunmp - ok 19:54:42.0875 3420 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 19:54:43.0078 3420 Udfs - ok 19:54:43.0093 3420 ultra - ok 
19:54:43.0250 3420 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 19:54:43.0593 3420 Update - ok 19:54:43.0687 3420 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 19:54:43.0843 3420 upnphost - ok 19:54:43.0890 3420 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 19:54:44.0109 3420 UPS - ok 19:54:44.0156 3420 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:54:44.0375 3420 usbehci - ok 19:54:44.0437 3420 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:54:44.0625 3420 usbhub - ok 19:54:44.0656 3420 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 19:54:44.0843 3420 usbohci - ok 19:54:44.0890 3420 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:54:45.0093 3420 USBSTOR - ok 19:54:45.0156 3420 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 19:54:45.0359 3420 VgaSave - ok 19:54:45.0375 3420 ViaIde - ok 19:54:45.0406 3420 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 19:54:45.0625 3420 VolSnap - ok 19:54:45.0734 3420 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 19:54:45.0812 3420 VSS - ok 19:54:45.0906 3420 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 19:54:46.0078 3420 W32Time - ok 19:54:46.0125 3420 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:54:46.0359 3420 Wanarp - ok 19:54:46.0359 3420 WDICA - ok 19:54:46.0437 3420 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 19:54:46.0656 3420 wdmaud - ok 19:54:46.0703 3420 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:54:46.0937 3420 WebClient - ok 19:54:47.0062 3420 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 
19:54:47.0250 3420 winmgmt - ok 19:54:47.0328 3420 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 19:54:47.0390 3420 WmdmPmSN - ok 19:54:47.0468 3420 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 19:54:47.0671 3420 WmiApSrv - ok 19:54:47.0937 3420 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 19:54:48.0468 3420 WMPNetworkSvc - ok 19:54:48.0578 3420 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 19:54:48.0828 3420 wscsvc - ok 19:54:48.0875 3420 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 19:54:49.0078 3420 wuauserv - ok 19:54:49.0125 3420 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:54:49.0203 3420 WudfPf - ok 19:54:49.0250 3420 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:54:49.0281 3420 WudfRd - ok 19:54:49.0312 3420 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 19:54:49.0375 3420 WudfSvc - ok 19:54:49.0562 3420 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 19:54:49.0875 3420 WZCSVC - ok 19:54:49.0937 3420 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 19:54:50.0156 3420 xmlprov - ok 19:54:50.0203 3420 ================ Scan global =============================== 19:54:50.0250 3420 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 19:54:50.0390 3420 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 19:54:50.0656 3420 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 19:54:50.0718 3420 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 19:54:50.0718 3420 [Global] - ok 19:54:50.0734 3420 ================ Scan MBR ================================== 19:54:50.0765 3420 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 19:54:51.0218 3420 
\Device\Harddisk0\DR0 - ok
19:54:51.0218 3420 ================ Scan VBR ==================================
19:54:51.0250 3420 [ AD0D9DED0D52821FBB8F3A5B99AEE9F4 ] \Device\Harddisk0\DR0\Partition1
19:54:51.0265 3420 \Device\Harddisk0\DR0\Partition1 - ok
19:54:51.0296 3420 [ 5546AFAB2D47C5BA5F8E4311C325B3D9 ] \Device\Harddisk0\DR0\Partition2
19:54:51.0296 3420 \Device\Harddisk0\DR0\Partition2 - ok
19:54:51.0296 3420 ============================================================
19:54:51.0296 3420 Scan finished
19:54:51.0296 3420 ============================================================
19:54:51.0421 3956 Detected object count: 3
19:54:51.0421 3956 Actual detected object count: 3
19:56:53.0093 3956 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
19:56:53.0093 3956 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:56:53.0109 3956 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
19:56:53.0109 3956 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:56:53.0125 3956 SSHDRV62 ( UnsignedFile.Multi.Generic ) - skipped by user
19:56:53.0125 3956 SSHDRV62 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:56:57.0796 3052 Deinitialize success
MBAM Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.27.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
xxxxxx :: D63E0FC3CE2B498 [Administrator]

27.04.2013 14:16:46
mbam-log-2013-04-27 (14-16-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 250932
Laufzeit: 3 Stunde(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende) |
28.04.2013, 17:52 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer Manager Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |